OpenClaw: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send

Summary Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Talk Voice config persistence bug, but it is the same narrow...

Security Bulletin: Watson AI Gateway for Cloud Pak for Data is vulnerable to an Ajv (aka Another JSON Schema Validator) could allow a remote attacker to execute arbitrary code on the system (CVE-2020-15366)

Summary Watson Gateway is an internal component, it does not expose any APIs externally. If a remote attacker gained access to the internal CP4D cluster, they could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the ajv.validate function...

Security Bulletin: Watson AI Gateway for Cloud Pak for Data is vulnerable to an OpenSSL denial of service caused by a type confusion error (CVE-2023-0286)

Summary Watson Gateway is an internal component, it does not expose any APIs externally. If a remote attacker gained access to the internal CP4D cluster, they could exploit this potential vulnerability to execute arbitrary code on the system or cause a denial of service. Vulnerability Details...