github.com/open-policy-agent/opa is vulnerable to a protection mechanism bypass. A remote attacker is able to bypass the protection set by WithUnsafeBuiltins
function via use of the with
keyword to create replicas of unsafe built-in functions.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/open-policy-agent/opa | le | v0.43.0 | |
github.com/open-policy-agent/opa | le | v0.43.0 |
github.com/open-policy-agent/opa/commit/25a597bc3f4985162e7f65f9c36599f4f8f55823
github.com/open-policy-agent/opa/commit/3e8c754ed007b22393cf65e48751ad9f6457fee8
github.com/open-policy-agent/opa/pull/4540
github.com/open-policy-agent/opa/pull/4616
github.com/open-policy-agent/opa/pull/5101
github.com/open-policy-agent/opa/releases/tag/v0.43.1
github.com/open-policy-agent/opa/security/advisories/GHSA-f524-rf33-2jjr