Lucene search
K

5 matches found

OSV
OSV
added 2026/03/02 10:40 p.m.5 views

GHSA-HJVP-QHM6-WRH2 OpenClaw Node system.run approval context-binding weakness in approval-enabled host=node flows

Summary In approval-enabled host=node workflows, system.run approvals did not always carry a strict, versioned execution-context binding. In uncommon setups that rely on these approvals as an integrity guardrail, a previously approved request could be reused with changed env input. Affected...

2.6CVSS6AI score0.00191EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Configure a Proper Default Zone

The firewalld service allows several independent rule zones to be created on a firewall based on the zone concept. Different interfaces or source addresses can be bound to different zones to implement different control logic. A zone can be configured with many different network interfaces or sour...

6.9AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.57 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a data binding rules security weakness in Spring Framework (CVE-2022-22968)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a Spring framework data binding rules vulnerability, where case sensitive patterns for disallowedFields cause weaker than expected security CVE-2022-22968. Spring Framework is used by some of the java...

5.3CVSS5.6AI score0.05666EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/17 6:30 p.m.138 views

Security Bulletin: Vulnerability in Spring Framework affects IBM Watson Explorer (CVE-2022-22971, CVE-2022-22968, CVE-2022-22970)

Summary Spring Framework is used by IBM Watson Explorer Foundational and Analytical Components. IBM Watson Explorer has addressed the applicable CVE CVE-2022-22971, CVE-2022-22968, CVE-2022-22970. Vulnerability Details CVEID: CVE-2022-22971 DESCRIPTION: Vmware Tanzu Spring Framework is vulnerable...

6.5CVSS1AI score0.05666EPSS
Exploits3Affected Software1
Veracode
Veracode
added 2022/04/14 1:40 p.m.80 views

Binding Rules Bypass

spring-context is vulnerable to binding rules bypass. The vulnerability exists due to lack of sanitization of HTTP request parameters which allows an attacker to bypass the disallowedFields and bind malicious HTTP request parameters...

5.3CVSS2.7AI score0.05666EPSS
Exploits2References7Affected Software1
Rows per page
Query Builder