data/reports: add GO-2022-0978.yaml for CVE-2022-36085

Fixes #978 Change-Id: I62274f5281e7c00674ad0ed6a5321fe076a44e36 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/430362 Reviewed-by: Julie Qiu <julieqiu@google.com> Reviewed-by: Tatiana Bradley <tatiana@golang.org>
golang · Sep 13, 2022 · e75c129 · e75c129
1 parent 2954611
commit e75c129
Showing 1 changed file with 185 additions and 0 deletions.
diff --git a/data/reports/GO-2022-0978.yaml b/data/reports/GO-2022-0978.yaml
@@ -0,0 +1,185 @@
+modules:
+  - module: github.com/open-policy-agent/opa
+    versions:
+      - introduced: 0.40.0
+        fixed: 0.44.0
+    vulnerable_at: 0.43.0
+    packages:
+      - package: github.com/open-policy-agent/opa/ast
+        symbols:
+          - Compiler.rewriteWithModifiers
+          - isBuiltinRefOrVar
+          - queryCompiler.checkDeprecatedBuiltins
+          - queryCompiler.checkUnsafeBuiltins
+          - rewriteWithModifier
+          - rewriteWithModifiersInBody
+          - validateWith
+          - validateWithFunctionValue
+        derived_symbols:
+          - Args.Copy
+          - Args.Vars
+          - Array.Copy
+          - Array.Foreach
+          - Array.Iter
+          - Array.Until
+          - ArrayComprehension.Copy
+          - BeforeAfterVisitor.Walk
+          - Body.Copy
+          - Body.Vars
+          - Call.Copy
+          - CompileModules
+          - CompileModulesWithOpt
+          - Compiler.Compile
+          - Compiler.GetRulesDynamic
+          - Compiler.GetRulesDynamicWithOpts
+          - Compiler.PassesTypeCheck
+          - ContainsClosures
+          - ContainsComprehensions
+          - ContainsRefs
+          - Copy
+          - Every.Copy
+          - Every.KeyValueVars
+          - Expr.Copy
+          - Expr.CopyWithoutTerms
+          - Expr.Vars
+          - GenericTransformer.Transform
+          - GenericVisitor.Walk
+          - Head.Copy
+          - Head.Vars
+          - Import.Copy
+          - IsConstant
+          - JSON
+          - JSONWithOpt
+          - Module.Copy
+          - Module.UnmarshalJSON
+          - MustCompileModules
+          - MustCompileModulesWithOpts
+          - MustJSON
+          - MustParseBody
+          - MustParseBodyWithOpts
+          - MustParseExpr
+          - MustParseImports
+          - MustParseModule
+          - MustParseModuleWithOpts
+          - MustParsePackage
+          - MustParseRef
+          - MustParseRule
+          - MustParseStatement
+          - MustParseStatements
+          - MustParseTerm
+          - NewGraph
+          - ObjectComprehension.Copy
+          - OutputVarsFromBody
+          - OutputVarsFromExpr
+          - Package.Copy
+          - ParseBody
+          - ParseBodyWithOpts
+          - ParseExpr
+          - ParseImports
+          - ParseModule
+          - ParseModuleWithOpts
+          - ParsePackage
+          - ParseRef
+          - ParseRule
+          - ParseStatement
+          - ParseStatements
+          - ParseStatementsWithOpts
+          - ParseTerm
+          - Parser.Parse
+          - Pretty
+          - QueryContext.Copy
+          - Ref.ConstantPrefix
+          - Ref.Copy
+          - Ref.Dynamic
+          - Ref.Extend
+          - Ref.OutputVars
+          - Rule.Copy
+          - SetComprehension.Copy
+          - SomeDecl.Copy
+          - Term.Copy
+          - Term.Vars
+          - Transform
+          - TransformComprehensions
+          - TransformRefs
+          - TransformVars
+          - TreeNode.DepthFirst
+          - TypeEnv.Get
+          - Unify
+          - ValueMap.Copy
+          - ValueMap.Equal
+          - ValueMap.Hash
+          - ValueMap.Iter
+          - ValueMap.MarshalJSON
+          - ValueMap.String
+          - ValueToInterface
+          - VarVisitor.Walk
+          - Walk
+          - WalkBeforeAndAfter
+          - WalkBodies
+          - WalkClosures
+          - WalkExprs
+          - WalkNodes
+          - WalkRefs
+          - WalkRules
+          - WalkTerms
+          - WalkVars
+          - WalkWiths
+          - With.Copy
+          - baseDocEqIndex.AllRules
+          - baseDocEqIndex.Build
+          - baseDocEqIndex.Lookup
+          - bodySafetyTransformer.Visit
+          - comprehensionIndexNestedCandidateVisitor.Walk
+          - comprehensionIndexRegressionCheckVisitor.Walk
+          - metadataParser.Parse
+          - object.Copy
+          - object.Diff
+          - object.Filter
+          - object.Foreach
+          - object.Intersect
+          - object.Iter
+          - object.Map
+          - object.Merge
+          - object.MergeWith
+          - object.Until
+          - queryCompiler.Compile
+          - refChecker.Visit
+          - refindices.Sorted
+          - refindices.Update
+          - rewriteNestedHeadVarLocalTransform.Visit
+          - ruleArgLocalRewriter.Visit
+          - ruleWalker.Do
+          - set.Copy
+          - set.Diff
+          - set.Foreach
+          - set.Intersect
+          - set.Iter
+          - set.Map
+          - set.Reduce
+          - set.Union
+          - set.Until
+          - trieNode.Do
+          - trieNode.Traverse
+          - trieTraversalResult.Add
+          - typeChecker.CheckBody
+          - typeChecker.CheckTypes
+description: |
+    Open Policy Agent (OPA) is an open source, general-purpose policy engine.
+    The Rego compiler provides a (deprecated) `WithUnsafeBuiltins` function,
+    which allows users to provide a set of built-in functions that should be
+    deemed unsafe and rejected by the compiler if encountered in the policy
+    compilation stage.
+
+    A bypass of this protection is possible when using the `with`
+    keyword to mock a built-in function that isn’t taken into account by
+    `WithUnsafeBuiltins`.
+cves:
+  - CVE-2022-36085
+credit: anderseknert@
+references:
+  - advisory: https://github.com/open-policy-agent/opa/security/advisories/GHSA-f524-rf33-2jjr
+  - fix: https://github.com/open-policy-agent/opa/pull/4540
+  - fix: https://github.com/open-policy-agent/opa/pull/4616
+  - fix: https://github.com/open-policy-agent/opa/commit/25a597bc3f4985162e7f65f9c36599f4f8f55823
+  - fix: https://github.com/open-policy-agent/opa/commit/3e8c754ed007b22393cf65e48751ad9f6457fee8
+  - web: https://github.com/open-policy-agent/opa/releases/tag/v0.43.1