2 matches found
CVE-2021-43979
Styra Open Policy Agent OPA Gatekeeper through 3.7.0 mishandles concurrency, sometimes resulting in incorrect access control. The data replication mechanism allows policies to access the Kubernetes cluster state. During data replication, OPA/Gatekeeper does not wait for the replication to finish...
PT-2021-23990 · Styra · Styra Open Policy Agent (Opa) Gatekeeper
Name of the Vulnerable Software and Affected Versions: Styra Open Policy Agent OPA Gatekeeper versions 3.7.0 and earlier Description: The issue arises from the mishandling of concurrency, which can result in incorrect access control. This occurs because the data replication mechanism, allowing...