110 matches found
Code injection
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
CVE-2023-33191
CVE-2023-33191 affects Kyverno, a Kubernetes policy engine. The vulnerability lies in the seccomp control used by the podSecurity validate.podSecurity subrule, making Kyverno versions 1.9.2 and 1.9.3 vulnerable to circumvention of seccomp controls. The issue was fixed in version 1.9.4. Reported s...
CVE-2023-33191 kyverno seccomp control can be circumvented
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
CVE-2023-33191 kyverno seccomp control can be circumvented
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
PT-2022-14056 · Forcepoint · Forcepoint Email Security +4
Name of the Vulnerable Software and Affected Versions: Forcepoint Data Loss Prevention DLP versions prior to 8.8.2 Forcepoint One Endpoint F1E with Policy Engine versions prior to 8.8.2 Forcepoint Web Security Content Gateway versions prior to 8.5.5 Forcepoint Email Security with DLP enabled...
Forcepoint Data Loss Prevention 代码问题漏洞
Forcepoint Data Loss Prevention Forcepoint DLP is a data loss prevention software from Forcepoint Corporation, USA. A security vulnerability in the Policy Engine component of Forcepoint Data Loss Prevention stems from an incorrectly configured XML parser in the Policy Engine that fails to support...
[SECURITY] Fedora 36 Update: open-policy-agent-0.31.0-7.fc36
An open source, general-purpose policy engine. The Open Policy Agent OPA is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack...
[SECURITY] Fedora 36 Update: open-policy-agent-0.31.0-6.fc36
An open source, general-purpose policy engine. The Open Policy Agent OPA is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack...
Open Policy Agent 安全漏洞
Open Policy Agent is a general-purpose policy engine that enables unified, context-aware policy enforcement across the stack. v0.39.0 of Open Policy Agent is vulnerable to a denial-of-service vulnerability that stems from an application misinterpreting each expression, triggering out-of-scope...
Fedora: Security Advisory for open-policy-agent (FEDORA-2022-08ae2dd481)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: open-policy-agent-0.31.0-4.fc36
An open source, general-purpose policy engine. The Open Policy Agent OPA is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack...
CVE-2022-23628
OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree AST that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse and compare web paths...
Design/Logic Flaw
OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree AST that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse and compare web paths...
CVE-2022-23628 Array literal misordering in github.com/open-policy-agent/opa
OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree AST that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse and compare web paths...
CVE-2022-23628
Summary (CVE-2022-23628) : The issue in Open Policy Agent (OPA) concerns the pretty-printing of an AST that contains synthetic nodes, which can reorder array literals and change policy logic under a very specific set of conditions. The three conditions must all be met: (1) an AST is created progr...
Open Policy Agent 安全漏洞
Open Policy Agent is an open source general-purpose policy engine that enables uniform, context-aware policy enforcement across the stack. Open Policy Agent suffers from a security vulnerability that stems from the fact that under certain conditions, pretty-printing an Abstract Syntax Tree AST...
GHSA-XV7X-X6WR-XX7G Apache Ranger policy engine incorrectly matches paths in certain conditions
Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true...
Imperva SecureSphere WAF 11.5 Bypass
Hello everyone, Can I have your opinion about this bug below please ? Exploit Title: Policy Bypass on Imperva SecureSphere Web Application Firewall Date: 08/05/2018 Author: Damien CabriAc Contact: https://twitter.com/nawhack Vendor Homepage: http://www.imperva.com Version: Imperva SecureSphere WA...
Design/Logic Flaw
Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true...