7 matches found
CVE-2026-29791
Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment. Prior to version 0.12.0, when converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. This issue has been patched in...
CVE-2026-29791 Agentgateway: Missing parameter sanitization in MCP to OpenAPI conversion
Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment. Prior to version 0.12.0, when converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. This issue has been patched in...
CVE-2026-29791 Agentgateway: Missing parameter sanitization in MCP to OpenAPI conversion
Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment. Prior to version 0.12.0, when converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. This issue has been patched in...
CVE-2026-29791
Agentgateway is an open source data plane for agentic AI connectivity within or across any agent framework or environment. Prior to version 0.12.0, when converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. This issue has been patched in...
GHSA-V2X6-WWFW-R2RQ Agentgateway is missing parameter sanitization in MCP to OpenAPI conversion
Summary When converting MCP tools/call request to OpenAPI request, input path, query, and header values are not sanitized. Details When using the MCP to OpenAPI feature, the proxy lacks proper sanitization of input parameters in the MCP call, allowing: Injection of additional path or query...
PT-2026-23611
Name of the Vulnerable Software and Affected Versions Agentgateway versions prior to 0.12.0 Description Agentgateway, an open source data plane for agentic AI connectivity, has an issue where input path, query, and header values are not sanitized when converting MCP tools/call requests to OpenAPI...
[SECURITY] Fedora 34 Update: golang-github-googleapis-gnostic-0.5.3-5.fc34
This package contains a Go command line tool which converts JSON and YAML OpenAPI descriptions to and from equivalent Protocol Buffer representations. Protocol Buffers provide a language-neutral, platform-neutral, extensible mechanism for serializing structured data. gnostic's Protocol Buffer...