Go modules package
github.com/open-policy-agent/opa-envoy-plugin
pkg:golang/github.com/open-policy-agent/opa-envoy-plugin
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-26205 | Hig | — | < 1.13.2-envoy-2 | 1.13.2-envoy-2 | Feb 19, 2026 | opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the `input.parsed_path` field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with do |
- affected < 1.13.2-envoy-2fixed 1.13.2-envoy-2
opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the `input.parsed_path` field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with do