Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-36085
HistorySep 08, 2022 - 2:15 p.m.

Design/Logic Flaw

2022-09-0814:15:00
PRIOn knowledge base
www.prio-n.com
5

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.6%

Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a (deprecated) WithUnsafeBuiltins function, which allows users to provide a set of built-in functions that should be deemed unsafe — and as such rejected — by the compiler if encountered in the policy compilation stage. A bypass of this protection has been found, where the use of the with keyword to mock such a built-in function (a feature introduced in OPA v0.40.0), isn’t taken into account by WithUnsafeBuiltins. Multiple conditions need to be met in order to create an adverse effect. Version 0.43.1 contains a patch for this issue. As a workaround, avoid using the WithUnsafeBuiltins function and use the capabilities feature instead.

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.6%

Related for PRION:CVE-2022-36085