>_
.issue.db
/highway-workflow-engine
Dashboard
Issues
Memory
Lessons
Audit Log
New Issue
Edit Issue #542
Update issue details
Title *
Description
File: api/middleware/rbac.py:146-209. _validate_api_key performs SELECT then UPDATE without FOR UPDATE lock. Between SELECT and UPDATE, another process could deactivate the key. IMPACT: Security bypass possible. FIX: Use UPDATE ... WHERE ... RETURNING pattern.
Priority
Low
Medium
High
Critical
Status
Open
In Progress
Closed
Won't Do
Due Date (YYYY-MM-DD)
Tags (comma separated)
Related Issues (IDs)
Enter IDs of issues related to this one. They will be linked as 'related'.
Update Issue
Cancel