Denial Of Service (DoS)

2022-02-1010:04:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

46.9%

JSON

github.com/open-policy-agent/opa, is vulnerable to denial of service (DoS). The vulnerability exists due to Incorrect calculation in defaultLocation function in format.go file allowing an attacker to crash the system

CPENameOperatorVersion
github.com/open-policy-agent/opalev0.36.1
github.com/open-policy-agent/opalev0.36.1

CPE	Name	Operator	Version
	github.com/open-policy-agent/opa	le	v0.36.1
	github.com/open-policy-agent/opa	le	v0.36.1

References

github.com/open-policy-agent/opa/commit/932e4ffc37a590ace79e9b75ca4340288c220239

github.com/open-policy-agent/opa/commit/bfd984ddf93ef2c4963a08d4fdadae0bcf1a3717

github.com/open-policy-agent/opa/pull/3851

github.com/open-policy-agent/opa/pull/4260

github.com/open-policy-agent/opa/security/advisories/GHSA-hcw3-j74m-qc58

0.001 Low

EPSS

Percentile

46.9%

JSON

Related for VERACODE:34136