CVE-2022-33082
An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.
| Software | From | Fixed in |
|---|---|---|
| openpolicyagent / open_policy_agent | - | 0.42.0 |
github.com/open-policy-agent/opa
|
- | 0.42.0 |
- https://github.com/open-policy-agent/opa/blob/598176de326025451025225aca53e85708d5f1db/ast/compile.go#L1224
- https://github.com/open-policy-agent/opa/commit/064f6168a8dfebdeb2ea147f7882bb9f5d2b7f67
- https://github.com/open-policy-agent/opa/issues/4761
- https://github.com/open-policy-agent/opa/issues/4762
- https://github.com/open-policy-agent/opa/pull/4701
- https://pkg.go.dev/vuln/GO-2022-0574
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime