2 matches found
CVE-2023-45822
Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which a default unsafe rego built-in was allowed to be used when...
Artifact Hub allows unsafe rego built-in
Impact During a security audit of Artifact Hub's code base, a security researcher at OffSec identified a bug in which a default unsafe rego built-in was allowed to be used when defining authorization policies. Artifact Hub includes a fine-grained authorization mechanism that allows organizations ...