Описание
An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.
A flaw was found in the Open Policy Agent, where it is vulnerable to a denial of service caused by an issue in the AST parser (ast/compile.go). This flaw allows an attacker to cause a denial of service by sending specially-crafted input.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/lokistack-gateway-rhel9 | Not affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/opa-openshift-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-main-rhel8 | Will not fix | ||
| Red Hat Advanced Cluster Security 3 | advanced-cluster-security/rhacs-scanner-rhel8 | Not affected | ||
| Red Hat Advanced Cluster Security 4 | advanced-cluster-security/rhacs-main-rhel8 | Not affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/cnf-tests-rhel8 | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ztp-site-generate-rhel8 | Affected | ||
| Red Hat OpenShift Container Platform 4 | openshift-security-profiles-operator-container | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-20->CWE-248
https://bugzilla.redhat.com/show_bug.cgi?id=2196440open-policy-agent: possible DoS via crafted input
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 3 лет назад
An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.
7.5 High
CVSS3