Liron-L

**Name of the Vulnerable Software and Affected Versions** Twistlock AuthZ Broker version 0.1 **Description** The issue concerns the mishandling of regular expressions, which can be exploited to bypass policies. For example, the API endpoint "containers/aa/pause?aaa=/start" can be used to bypass a policy where "docker start" is allowed but "docker pause" is not. **Recommendations** For Twistlock AuthZ Broker version 0.1, as a temporary workaround, consider restricting access to the `containers/aa/pause` endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.