9 matches found
PT-2026-35807
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that widens identity-bearing operator.read requests into runtime operator.write permissions. Attackers can exploit this by sending read-scoped requests through the gateway au...
EUVD-2025-208134
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...
CVE-2025-9909
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...
CVE-2025-9909
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...
CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...
PT-2025-54839
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gateway path. A malicious or socially engineered administrator can configure a...
aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...
CVE-2025-34202
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 25.2.169 and Application prior to 25.2.1518 VA and SaaS deployments expose Docker internal networks in a way that allows an attacker on the same external L2 segment — or an attacker able to add routes using the appliance as a...
Security and bug fixes for NetworkManager
1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routing rules in vpn conenctions RHEL-73167 - vpn: Place gateway route to table defined in ipvx.route-table RHEL-73166 1:1.48.10-4 - Remove...