VYPR

Opa

by Open Policy Agent

Source repositories

CVEs (3)

  • CVE-2025-46569HigMay 1, 2025
    risk 0.41cvss epss 0.00

    Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego…

  • CVE-2022-36085HigSep 8, 2022
    risk 0.41cvss 7.4epss 0.01

    Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a (deprecated) `WithUnsafeBuiltins` function, which allows users to provide a set of built-in functions that should be deemed unsafe — and as such rejected — by the compiler…

  • CVE-2022-23628MedFeb 9, 2022
    risk 0.34cvss 6.3epss 0.01

    OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree (AST) that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse…