CVE-2022-33082

HIGH

Open Policy Agent <0.10.2 - DoS

Title source: llm

An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input.

nomisec WORKING POC

by cyberqueenmeg · poc

CVSS v3 7.5

EPSS 0.0109

EPSS Percentile 78.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Status published

Products (2)

open-policy-agent/opa 0 - 0.42.0Go

openpolicyagent/open_policy_agent < 0.42.0

Published Jun 30, 2022

Tracked Since Feb 18, 2026