blob: 1d7b6e1df45f43ca00be3b41fcb5ec5499a06f16 [file] [log] [blame]
{
"schema_version": "1.3.1",
"id": "GO-2022-0574",
"modified": "0001-01-01T00:00:00Z",
"published": "2022-07-01T00:01:03Z",
"aliases": [
"CVE-2022-33082",
"GHSA-2m4x-4q9j-w97g"
],
"summary": "Denial of service in github.com/open-policy-agent/opa",
"details": "An issue in the AST parser of Open Policy Agent makes it possible for attackers to cause a Denial of Service attack from a crafted input.",
"affected": [
{
"package": {
"name": "github.com/open-policy-agent/opa",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "0.42.0"
}
]
}
],
"ecosystem_specific": {
"imports": [
{
"path": "github.com/open-policy-agent/opa/ast",
"symbols": [
"Args.Copy",
"Args.Vars",
"Array.Copy",
"Array.Foreach",
"Array.Iter",
"Array.Until",
"ArrayComprehension.Copy",
"BeforeAfterVisitor.Walk",
"Body.Copy",
"Body.Vars",
"Call.Copy",
"CompileModules",
"CompileModulesWithOpt",
"Compiler.Compile",
"Compiler.GetRulesDynamic",
"Compiler.GetRulesDynamicWithOpts",
"Compiler.PassesTypeCheck",
"ContainsClosures",
"ContainsComprehensions",
"ContainsRefs",
"Copy",
"Every.Copy",
"Every.KeyValueVars",
"Expr.Copy",
"Expr.CopyWithoutTerms",
"Expr.Vars",
"GenericTransformer.Transform",
"GenericVisitor.Walk",
"Head.Copy",
"Head.Vars",
"Import.Copy",
"IsConstant",
"JSON",
"JSONWithOpt",
"Module.Copy",
"Module.UnmarshalJSON",
"MustCompileModules",
"MustCompileModulesWithOpts",
"MustJSON",
"MustParseBody",
"MustParseBodyWithOpts",
"MustParseExpr",
"MustParseImports",
"MustParseModule",
"MustParseModuleWithOpts",
"MustParsePackage",
"MustParseRef",
"MustParseRule",
"MustParseStatement",
"MustParseStatements",
"MustParseTerm",
"NewGraph",
"ObjectComprehension.Copy",
"OutputVarsFromBody",
"OutputVarsFromExpr",
"Package.Copy",
"ParseBody",
"ParseBodyWithOpts",
"ParseExpr",
"ParseImports",
"ParseModule",
"ParseModuleWithOpts",
"ParsePackage",
"ParseRef",
"ParseRule",
"ParseStatement",
"ParseStatements",
"ParseStatementsWithOpts",
"ParseTerm",
"Parser.Parse",
"Pretty",
"QueryContext.Copy",
"Ref.ConstantPrefix",
"Ref.Copy",
"Ref.Dynamic",
"Ref.Extend",
"Ref.OutputVars",
"Rule.Copy",
"SetComprehension.Copy",
"SomeDecl.Copy",
"Term.Copy",
"Term.Vars",
"Transform",
"TransformComprehensions",
"TransformRefs",
"TransformVars",
"TreeNode.DepthFirst",
"TypeEnv.Get",
"Unify",
"ValueMap.Copy",
"ValueMap.Equal",
"ValueMap.Hash",
"ValueMap.Iter",
"ValueMap.MarshalJSON",
"ValueMap.String",
"ValueToInterface",
"VarVisitor.Walk",
"Walk",
"WalkBeforeAndAfter",
"WalkBodies",
"WalkClosures",
"WalkExprs",
"WalkNodes",
"WalkRefs",
"WalkRules",
"WalkTerms",
"WalkVars",
"WalkWiths",
"With.Copy",
"baseDocEqIndex.AllRules",
"baseDocEqIndex.Build",
"baseDocEqIndex.Lookup",
"bodySafetyTransformer.Visit",
"comprehensionIndexNestedCandidateVisitor.Walk",
"comprehensionIndexRegressionCheckVisitor.Walk",
"metadataParser.Parse",
"object.Copy",
"object.Diff",
"object.Filter",
"object.Foreach",
"object.Intersect",
"object.Iter",
"object.Map",
"object.Merge",
"object.MergeWith",
"object.Until",
"queryCompiler.Compile",
"refChecker.Visit",
"refindices.Sorted",
"refindices.Update",
"rewriteDeclaredVarsInTerm",
"rewriteNestedHeadVarLocalTransform.Visit",
"ruleArgLocalRewriter.Visit",
"ruleWalker.Do",
"set.Copy",
"set.Diff",
"set.Foreach",
"set.Intersect",
"set.Iter",
"set.Map",
"set.Reduce",
"set.Union",
"set.Until",
"trieNode.Do",
"trieNode.Traverse",
"trieTraversalResult.Add",
"typeChecker.CheckBody",
"typeChecker.CheckTypes"
]
}
]
}
}
],
"references": [
{
"type": "FIX",
"url": "https://github.com/open-policy-agent/opa/pull/4701"
},
{
"type": "FIX",
"url": "https://github.com/open-policy-agent/opa/commit/064f6168a8dfebdeb2ea147f7882bb9f5d2b7f67"
},
{
"type": "WEB",
"url": "https://github.com/open-policy-agent/opa/issues/4762"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2022-0574",
"review_status": "REVIEWED"
}
}