24 matches found
OpenClaw Security Vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.24 contained security vulnerabilities. These vulnerabilities stemmed from the /allowlist command not revalidating the gateway client scope for internal callers. This could allow...
Incorrect Authorization
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization via the chat.send process. An attacker can perform unauthorized persistent configuration changes by routing /config set or /config unset commands through an...
GHSA-64QX-VPXX-MVQF OpenClaw has an arbitrary transcript path file write via gateway sessionFile
Summary: In OpenClaw versions prior to 2026.2.12, the gateway accepted an untrusted sessionFile path when resolving the session transcript file. This could allow an authenticated gateway client to create and append OpenClaw session transcript records at an arbitrary path on the gateway host...
EUVD-2025-14350
Malicious code in bioql PyPI...
MAL-2025-15222 Malicious code in aws-api-gateway-js-client (npm)
The package aws-api-gateway-js-client was found to contain malicious code...
SAP Gateway Client Information Disclosure Vulnerability
SAP Gateway Client is an OData service test and debugging tool from SAP Germany, integrated into SAP NetWeaver Gateway. An information disclosure vulnerability exists in SAP Gateway Client that stems from improper privilege management and can be exploited by an attacker to cause information...
CVE-2025-42997
Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influencing application behavior or performance through misuse of the exposed data, this may potentially lead to low impact on...
CVE-2025-42997 Information Disclosure vulnerability in SAP Gateway Client
Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influencing application behavior or performance through misuse of the exposed data, this may potentially lead to low impact on...
CVE-2025-42997
CVE-2025-42997 affects SAP Gateway Client. Description: information disclosure vulnerability where a high-privileged user can access restricted data beyond the application’s scope, caused by improper privilege management and data exposure that may yield low impact to confidentiality, integrity, a...
SAP Gateway Client Security Vulnerability
SAP Gateway Client is an OData service test and debugging tool from SAP Germany, integrated into SAP NetWeaver Gateway. An information disclosure vulnerability exists in SAP Gateway Client that stems from improper privilege management and can be exploited by an attacker to cause information...
PT-2025-20811 · Sap · Sap Gateway Client
Name of the Vulnerable Software and Affected Versions: SAP Gateway Client (affected versions not specified). Description: The issue allows a high-privileged user to access restricted information beyond the application's scope, potentially leading to low impact on confidentiality, integrity, and...
MAL-2024-11988 Malicious code in gps-gateway-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7841067a161c55356141a3d1e9fb8bd1922ff25291edeb0d46e708a9e6b563b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in gps-gateway-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7841067a161c55356141a3d1e9fb8bd1922ff25291edeb0d46e708a9e6b563b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
BIT-HYPERLEDGER-FABRIC-ORDERER-2022-36023 Remote denial of service in Hyperledger Fabric Gateway
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns...
BIT-HYPERLEDGER-FABRIC-TOOLS-2022-36023 Remote denial of service in Hyperledger Fabric Gateway
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns...
TCP & ICMP session are not resumed after Auto reconnect
TCP Expectation by Customer: When the Citrix Gateway client is disconnected and reconnects itself automatically, we expected the TCP communications to be resumed through the retransmission capacity of TCP...
Denial Of Service (DoS)
github.com/hyperledger/fabric is vulnerable to denial of service (DoS) attacks. Lack of validation in the getChannelAndChaincodeFromSignedProposal function may cause a peer node crash when a gateway client application sends a malformed request to a gateway peer...
Design/Logic Flaw
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns...