170 matches found
CVE-2026-26205 vulnerabilities
Vulnerabilities for packages: opa-envoy...
CVE-2026-26205 vulnerabilities
Vulnerabilities for packages: opa-envoy, opa-fips-envoy...
GHSA-9F29-V6MM-PW6W vulnerabilities
Vulnerabilities for packages: opa-envoy, opa-fips-envoy...
GO-2026-4506 opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in input.parsed_path in github.com/open-policy-agent/opa-envoy-plugin
opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in input.parsedpath in github.com/open-policy-agent/opa-envoy-plugin...
CVE-2026-26205
opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...
CVE-2026-26205
opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...
CVE-2026-26205 opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in `input.parsed_path`
opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...
CVE-2026-26205
CVE-2026-26205 affects the opa-envoy-plugin for Envoy (opa-envoy-plugun). Versions prior to 1.13.2-envoy-2 construct input.parsed_path by treating HTTP request paths as full URIs and interpreting leading segments with ‘//’ as authorities, which drops those segments from the parsed path. This crea...
CVE-2026-26205 opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in `input.parsed_path`
opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...
CVE-2026-26205 opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in `input.parsed_path`
opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...
opa-envoy-plugin 安全漏洞
opa-envoy-plugin is a plugin developed by Open Policy Agent. Versions of opa-envoy-plugin prior to 1.13.2-envoy-2 contained security vulnerabilities. These vulnerabilities stemmed from defects in the way the input.parsedpath field was constructed, which could lead to mismatches in path...
GHSA-9F29-V6MM-PW6W opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in input.parsed_path
A security vulnerability has been discovered in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as authority components, and therefore dropping them from the parsed path. Thi...
opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in input.parsed_path
A security vulnerability has been discovered in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as authority components, and therefore dropping them from the parsed path. Thi...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard, kubeflow, ghaudit, crossplane-provider-aws-ec2, postgres-operator, terraform-provider-azapi, govulncheck, cilium-certgen, thanos, telegraf, kargo, kyverno-policy-reporter-kyverno-plugin, grpcurl, cis-operator, rootlesskit, src, smokescreen,...
AZL-75473 CVE-2025-11065 affecting package opa 0.63.0-2
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
AZL-75545 CVE-2025-11065 affecting package opa for versions less than 0.63.0-6
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
Azure Linux 3.0 Security Update: opa (CVE-2025-46569)
The version of opa installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-46569 advisory. - Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a...
CVE-2022-23628
OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree AST that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse and compare web paths...
Linux Distros Unpatched Vulnerability : CVE-2023-54219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert IB/isert: Fix incorrect release of isert connection Commit: 699826f4e30a IB/isert: Fix incorrect release of isert connection is causing problems on OPA...
UBUNTU-CVE-2023-54219
In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a "IB/isert: Fix incorrect release of isert connection" is causing problems on OPA when DEVICEREMOVAL is happening. ------------ cut here -----------...