2 matches found
GHSA-P4X4-2R7F-WJXG OpenClaw gateway exec allow-always over-trusts positional carrier executables
Summary Allow-always persistence could trust wrapper carrier executables instead of the actual invoked target when commands were routed through dispatch wrappers. Impact A one-time approval could persist a broader future allowlist entry than the operator intended, weakening execution approval...
EUVD-2022-2725
Malicious code in bioql PyPI...