2 matches found
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the applypatch process. An attacker can gain unauthorized access to files or directories outside the intended workspace by exploiting insufficient enforcement ...
Off-by-one Error
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Off-by-one Error in the allowlist mode. An attacker can execute unintended commands by bypassing operator safety controls using specially crafted input to env -S when /usr/bin/env is...