6 matches found
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via improper enforcement of policy checks in the QQBot admin command. An attacker can gain unauthorized access to restricted admin commands by bypassing DM-only an...
Keycloak 数据伪造问题漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a vulnerability related to data falsification. This vulnerability stems from defects in the WebAuthn registration component, which may allow for bypassing configured proofing policies and...
CVE-2026-27607 RustFS's Missing Post Policy Validation leads to Arbitrary Object Write
RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads PostObject, allowing attackers to bypass content-length-range, starts-with, and Content-Type constraints. This enabl...
PT-2026-21835
Name of the Vulnerable Software and Affected Versions RustFS versions 1.0.0-alpha.56 through 1.0.0-alpha.82 Description RustFS does not properly validate policy conditions during presigned POST uploads PostObject. This allows bypassing content-length-range, starts-with, and Content-Type...
Incorrect Authorization
Overview @finos/git-proxy is a Deploy custom push protections and policies on top of Git. Affected versions of this package are vulnerable to Incorrect Authorization via the push parser action process. An attacker can introduce unauthorized changes to remote repositories by bypassing required...
PT-2023-3200
Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description The issue is related to the handling of invalid certificate policies in leaf certificates by OpenSSL. When a non-default option is used for verifying certificates, applications may be...