Lucene search
K

5 matches found

OSV
OSV
added 2026/06/29 6:2 a.m.5 views

BIT-GITLAB-2026-5309 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...

5.4CVSS5.8AI score0.00171EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/17 10:17 p.m.10 views

OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure

Summary OpenClaw's outbound host-media attachment read helper could enable host-local file reads based on global or agent-level read access without also honoring sender and group-scoped tool policy. In channel deployments that used toolsBySender or group policy to deny read for less-trusted...

7.7CVSS5.7AI score0.00236EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/17 10:17 p.m.2 views

GHSA-JHPV-5J76-M56H OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure

Summary OpenClaw's outbound host-media attachment read helper could enable host-local file reads based on global or agent-level read access without also honoring sender and group-scoped tool policy. In channel deployments that used toolsBySender or group policy to deny read for less-trusted...

6CVSS5.7AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-55218

Malicious code in bioql PyPI...

7.2AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.3 views

GitLab Enterprise Edition 安全漏洞

GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition versions 16.2 through before 17.7.6, 17.8 through before 17.8.4, and 17.9 through before 17.9.1, which stems from the ability of a Guest user ...

5.4CVSS6.3AI score0.00316EPSS
Exploits1References4
Rows per page
Query Builder