Open Policy Agent Security Vulnerabilities and Issues — Open Policy Agent CVE List

Lucene search

OpenpolicyagentOpen Policy Agent

3 matches found

CVE•added 2022/05/19 7:15 p.m.•280 views

CVE-2022-28946

An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.

7.5CVSS7.3AI score0.00411EPSS

CVE•added 2022/06/30 10:15 p.m.•279 views

CVE-2022-33082

An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5CVSS7.1AI score0.01038EPSS

CVE•added 2024/08/30 1:15 p.m.•259 views

CVE-2024-8260

A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s funct...

7.3CVSS6.8AI score0.00045EPSS