Open Policy Agent (OPA) 0.39.0

CPE Details

Open Policy Agent (OPA) 0.39.0
openpolicyagent
open_policy_agent
0.39.0
2022-05-23
16h25 +00:00
2022-09-24
01h58 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openpolicyagent:open_policy_agent:0.39.0:*:*:*:*:*:*:*

Informations

Vendor

openpolicyagent

Product

open_policy_agent

Version

0.39.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-8260 2024-08-30 12h22 +00:00 A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.
7.3
High
CVE-2022-33082 2022-06-30 19h50 +00:00 An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.
7.5
High
CVE-2022-28946 2022-05-19 16h03 +00:00 An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.
7.5
High