
6 matches found

Github Security Blog
added 2026/03/03 7:9 p.m., 3 views

OpenClaw safeBins grep -e File Read Bypass (stdin-only policy bypass)

Summary: OpenClaw tools.exec.safeBins had a stdin-only policy bypass for grep. If pattern input was supplied through -e / --regexp, the validator consumed the pattern as a flag value and still allowed one positional operand. That positional could be a bare filename like .env. Affected Packages /...

CVSS 6.5, AI score 5.9, EPSS 0.00079
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2026/02/03 10:1 p.m., 23 views

CVE-2020-37065 StreamRipper32 2.6 - Buffer Overflow

StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the...

CVSS 9.8, EPSS 0.00078
Exploits: 0, References: 3
CVE
added 2026/02/03 10:1 p.m., 7 views

CVE-2020-37065

CVE-2020-37065 affects StreamRipper32 version 2.6. The vulnerability is a buffer overflow in the Station/Song Section triggered by the SongPattern input, where payloads exceeding 256 bytes can overwrite memory and potentially lead to arbitrary code execution and application compromise. Documented...

CVSS 9.8, AI score 6.2, EPSS 0.00078
Exploits: 0, References: 3
Snyk
added 2025/11/01 6:29 a.m., 2 views

Command Injection

Overview: cli-onprem is a CLI tool for infrastructure engineers. Affected versions of this package are vulnerable to Command Injection due to the use of shell-invoked subprocess calls with unvalidated input. An attacker can execute arbitrary commands by injecting shell metacharacters in the directo...

CVSS 9.8, AI score 7.9
Exploits: 0, References: 3
CNNVD
added 2024/08/12 12:0 a.m., 1 views

syntax-check Security Vulnerability

syntax-check is an open source syntax checking tool from fish-shop. A security vulnerability exists in syntax-check, which stems from improper delimiter neutralization in pattern input...

CVSS 6.5, AI score 6.6, EPSS 0.00849
Exploits: 0, References: 4
Positive Technologies
added 2024/08/12 12:0 a.m., 2 views

PT-2024-29979 · Fish Shop · Syntax-Check

Name of the Vulnerable Software and Affected Versions:
fish-shop/syntax-check versions prior to v1.6.12
fish-shop/syntax-check versions prior to v2.0.0

Description: The issue is related to improper neutralization of delimiters in the pattern input, specifically the command separator ; and command...

CVSS 6.9, AI score 7.2, EPSS 0.00849
Exploits: 0, References: 11