170 matches found
CVE-2025-46569 OPA server Data API HTTP path injection of Rego
Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...
GHSA-6M8W-JC87-6CR7 OPA server Data API HTTP path injection of Rego
Impact When run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a single data document reference is constructed from the requested path. This query is then used...
OPA server Data API HTTP path injection of Rego
Impact When run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a single data document reference is constructed from the requested path. This query is then used...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: opa-envoy, zarf, grype, helm-push, newrelic-infrastructure-agent, nerdctl, fuse-overlayfs-snapshotter, flux-source-controller, trivy, ctop, syft, kubescape, wolfictl, linkerd2, skaffold, kubevela, melange, eksctl, envoy-gateway, kargo, docker-cli-buildx, k3s, zot,...
Linux Distros Unpatched Vulnerability : CVE-2024-8260
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input...
Malicious code in opa-fe-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0912f1fa265b4c148d99d5ebf17f99f098efa46a5222a44acee011d8ab0680df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10764 Malicious code in opa-fe-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0912f1fa265b4c148d99d5ebf17f99f098efa46a5222a44acee011d8ab0680df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers
Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...
GO-2024-3141 OPA for Windows has an SMB force-authentication vulnerability in github.com/open-policy-agent/opa
OPA for Windows has an SMB force-authentication vulnerability. Due to improper input validation, it allows a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions...
CVE-2024-8260
An SMB force-authentication vulnerability exists in all versions of OPA. The vulnerability exists due to improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or one of the OPA Go library’s functions. Mitigation Mitigation for...
GHSA-C77R-FH37-X2PX OPA for Windows has an SMB force-authentication vulnerability
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...
OPA for Windows has an SMB force-authentication vulnerability
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...
GHSA-C77R-FH37-X2PX vulnerabilities
Vulnerabilities for packages: snyk-cli, kubescape, zarf, spire-server, cosign, opa, k8sgpt, conftest, datadog-agent, policy-controller, tfsec, kots, zot...
CVE-2024-8260
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...
CVE-2024-8260 vulnerabilities
Vulnerabilities for packages: k8sgpt, policy-controller-fips, kubescape, kyverno-fips, datadog-agent, cosign-fips, conftest, kyverno, gatekeeper, zot, zarf, cosign, kots, opa, gatekeeper-fips, spire-server-fips, spire-server, policy-controller, datadog-agent-fips, tfsec, snyk-cli, conftest-fips...
CVE-2024-8260 vulnerabilities
Vulnerabilities for packages: snyk-cli, kubescape, zarf, spire-server, cosign, opa, k8sgpt, conftest, datadog-agent, policy-controller, tfsec, kots, zot...
CVE-2024-8260 OPA SMB Force-Authentication
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...
CVE-2024-8260
Technical details for CVE-2024-8260 are not publicly available in the provided connected documents. The initial description mentions OPA on Windows and an SMB force-authentication issue, but no concrete affected versions, impact, exploit data, or fixes are given here. Monitor for updates.
CVE-2024-8260 OPA SMB Force-Authentication
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...
CVE-2024-8260 OPA SMB Force-Authentication
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...