2 matches found
GO-2023-2134 Artifact Hub allows unsafe rego built-in in github.com/artifacthub/hub
Artifact Hub allows unsafe rego built-in in github.com/artifacthub/hub...
Artifact Hub allows unsafe rego built-in
Impact During a security audit of Artifact Hub's code base, a security researcher at OffSec identified a bug in which a default unsafe rego built-in was allowed to be used when defining authorization policies. Artifact Hub includes a fine-grained authorization mechanism that allows organizations ...