CVE-2022-36085

{"id": "CVE-2022-36085", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-09-08T14:15:08.340", "references": [{"url": "https://github.com/open-policy-agent/opa/commit/25a597bc3f4985162e7f65f9c36599f4f8f55823", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/open-policy-agent/opa/commit/3e8c754ed007b22393cf65e48751ad9f6457fee8", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/open-policy-agent/opa/pull/4540", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/open-policy-agent/opa/pull/4616", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/open-policy-agent/opa/releases/tag/v0.43.1", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/open-policy-agent/opa/security/advisories/GHSA-f524-rf33-2jjr", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/open-policy-agent/opa/commit/25a597bc3f4985162e7f65f9c36599f4f8f55823", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/open-policy-agent/opa/commit/3e8c754ed007b22393cf65e48751ad9f6457fee8", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/open-policy-agent/opa/pull/4540", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/open-policy-agent/opa/pull/4616", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/open-policy-agent/opa/releases/tag/v0.43.1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/open-policy-agent/opa/security/advisories/GHSA-f524-rf33-2jjr", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-693"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a (deprecated) `WithUnsafeBuiltins` function, which allows users to provide a set of built-in functions that should be deemed unsafe \u2014 and as such rejected \u2014 by the compiler if encountered in the policy compilation stage. A bypass of this protection has been found, where the use of the `with` keyword to mock such a built-in function (a feature introduced in OPA v0.40.0), isn\u2019t taken into account by `WithUnsafeBuiltins`. Multiple conditions need to be met in order to create an adverse effect. Version 0.43.1 contains a patch for this issue. As a workaround, avoid using the `WithUnsafeBuiltins` function and use the `capabilities` feature instead."}, {"lang": "es", "value": "Open Policy Agent (OPA) es un motor de pol\u00edticas de prop\u00f3sito general de c\u00f3digo abierto. El compilador de Rego proporciona una funci\u00f3n \"WithUnsafeBuiltins\" (en desuso), que permite a usuarios proporcionar un conjunto de funciones integradas que el compilador deber\u00eda considerar inseguras y, como tales, rechazarlas si son encontradas en la etapa de compilaci\u00f3n de pol\u00edticas. . Se ha encontrado una omisi\u00f3n de esta protecci\u00f3n, en la que \"WithUnsafeBuiltins\" no es tenido en cuenta el uso de la palabra clave \"with\" para simular una funci\u00f3n integrada de este tipo (una caracter\u00edstica introducida en OPA v0.40.0). Deben cumplirse m\u00faltiples condiciones para crear un efecto adverso. La versi\u00f3n 0.43.1 contiene un parche para este problema. Como mitigaci\u00f3n, evite usar la funci\u00f3n \"WithUnsafeBuiltins\" y use la funcionalidad \"capabilities\" en su lugar"}], "lastModified": "2024-11-21T07:12:21.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openpolicyagent:open_policy_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24044142-C7B3-4994-9F36-5ED0299C8E5B", "versionEndExcluding": "0.43.1", "versionStartIncluding": "0.40.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}