6 matches found
CVE-2022-28946
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service DoS via triggering out-of-range memory access...
openSUSE: Security Advisory for trivy (openSUSE-SU-2022:10022-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for trivy (moderate)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2022:10022-1 Rating: moderate References: 1199760 Cross-References: CVE-2022-23648 CVE-2022-28946 CVSS scores: CVE-2022-23648 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-23648 SUSE: 5.5...
CVE-2022-28946 vulnerabilities
Vulnerabilities for packages: opa...
CVE-2022-28946 vulnerabilities
Vulnerabilities for packages: opa...
CVE-2022-28946
Open Policy Agent CVE-2022-28946 affects v0.39.0, due to a bug in ast/parser.go that causes the application to misinterpret expressions, leading to a Denial of Service via out-of-range memory access. The NVD metrics show a CVSS 3.1 base score of 7.5 (Network, Low attack complexity, No privileges ...