VYPR

Opa Envoy Plugin

by Open Policy Agent

Source repositories

CVEs (1)

  • CVE-2026-26205HigFeb 19, 2026
    risk 0.39cvss epss 0.00

    opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the `input.parsed_path` field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with…