CVE-2022-28946

Published May 19th, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access.

open-policy-agent/opa

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

GitHub

11.8K