CVE-2023-45822: Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a secur...

Description

Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which a default unsafe rego built-in was allowed to be used when defining authorization policies. Artifact Hub includes a fine-grained authorization mechanism that allows organizations to define what actions can be performed by their members. It is based on customizable authorization policies that are enforced by the `Open Policy Agent`. Policies are written using `rego` and their data files are expected to be json documents. By default, `rego` allows policies to make HTTP requests, which can be abused to send requests to internal resources and forward the responses to an external entity. In the context of Artifact Hub, this capability should have been disabled. This issue has been resolved in version `1.16.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Metrics

CVSS 3.1

5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Probability

0.52%

40.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Artifacthub	Hub	< 1.16.0

References

https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0Product
https://github.com/artifacthub/hub/security/advisories/GHSA-9pc8-m4vp-ggvfThird Party Advisory
https://www.openpolicyagent.org/Mitigation
https://www.openpolicyagent.org/docs/latest/#regoMitigation
https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0Product
https://github.com/artifacthub/hub/security/advisories/GHSA-9pc8-m4vp-ggvfThird Party Advisory
https://www.openpolicyagent.org/Mitigation
https://www.openpolicyagent.org/docs/latest/#regoMitigation

Timeline

Published: Oct 19, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-45822?

Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which a default unsafe rego built-in was allowed to be used when defining authorization policies. Artifact Hub includes a fine-grained authorization mechanism that allows organizations to define what actions can be performed by their members. It is based on customizable authorization policies that are enforced by the `Open Policy Agent`. Policies are written using `rego` and their data files are expected to be json documents. By default, `rego` allows policies to make HTTP requests, which can be abused to send requests to internal resources and forward the responses to an external entity. In the context of Artifact Hub, this capability should have been disabled. This issue has been resolved in version `1.16.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

How severe is CVE-2023-45822?

CVE-2023-45822 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.52% probability of exploitation in the next 30 days.

How do I fix CVE-2023-45822?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.