4 matches found
Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers
Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...
CVE-2024-8260
creationtimestamp| type| source ---|---|--- 2024-08-30 15:39:09+00:00| seen| https://t.me/cvedetector/4519 2024-10-22 17:01:42+00:00| seen| https://t.me/thehackernews/5770...
CVE-2024-8260 vulnerabilities
Vulnerabilities for packages: policy-controller, k8sgpt, kots, spire-server, conftest, kubescape, zarf, cosign, snyk-cli, zot, tfsec, datadog-agent, opa...
CVE-2024-8260 OPA SMB Force-Authentication
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...