63 matches found
DNG File Generator for Security Testing Masked RGB Tables
This Python script is a research-oriented DNG Digital Negative file generator designed to build a specially crafted image file with controlled metadata structures for security testing of DNG processing engines...
Gardyn 安全漏洞
Gardyn is an indoor smart hydroponic cultivation device developed by the American company Gardyn. There is a security vulnerability in the Gardyn Cloud API, which stems from the development and testing of APIs for image generation functions...
CVE-2026-34504
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service...
Server-side Request Forgery (SSRF)
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the image-generation-provider.ts process. An attacker can access internal network resources or sensitive metadata by supplying crafted URLs to the ima...
GHSA-PQHR-MP3F-HRPP Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters
Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...
Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters
Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...
GHSA-C7XP-Q6Q8-HG76 Nuxt OG Image is vulnerable to Denial of Service via unbounded image dimensions
Product: Nuxt OG Image Version: 6.1.2 CWE-ID: CWE-404: Improper Resource Shutdown or Release Description: Failure to limit the length and width of the generated image results in a denial of service. Impact: Denial of service Exploitation condition: An external user Mitigation: Implement a...
CVE-2026-34404
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a Denial of Service DoS vulnerability. The issue arises because there is no restriction on the width and height...
CVE-2026-34404 Nuxt OG Image vulnerable to DoS via image generation
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a Denial of Service DoS vulnerability. The issue arises because there is no restriction on the width and height...
CVE-2026-34404 Nuxt OG Image vulnerable to DoS via image generation
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a Denial of Service DoS vulnerability. The issue arises because there is no restriction on the width and height...
CVE-2026-34404
CVE-2026-34404 affects Nuxt OG Image. The vulnerability is in the image-generation component accessed via /_og/d/ (and older /og-image/), where unbounded width/height parameters allow a Denial of Service. Affected versions prior to 6.2.5 are exploitable; the issue has been patched in version 6.2....
EUVD-2026-17471
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service...
Duplicate Advisory: OpenClaw affected by SSRF via unguarded image download in fal provider
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qxgf-hmcj-3xw3. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider...
CVE-2026-34504
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service...
CVE-2026-34504
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service...
CVE-2026-34504 OpenClaw < 2026.3.28 - Server-Side Request Forgery via Unguarded Image Download in fal Provider
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service...
PT-2026-29266
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description A server-side request forgery condition exists in the fal provider image-generation-provider.ts component. This allows attackers to retrieve internal URLs. A compromised or malicious fal relay c...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing vulnerability in the fal provider image-generation-provider.ts component...
PT-2026-29370
Name of the Vulnerable Software and Affected Versions Nuxt OG Image versions prior to 6.2.5 Description The Nuxt OG Image component, used for generating Open Graph images with Vue templates in Nuxt, contains a potential for Denial of Service DoS. This issue stems from a lack of restrictions on th...
Elon Musk’s Grok ‘Undressing’ Problem Isn’t Fixed
X has placed more restrictions on Grok’s ability to generate explicit AI images, but tests show that the updates have created a patchwork of limitations that fail to fully address the issue...