4 matches found
GHSA-JHPV-5J76-M56H OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure
Summary: OpenClaw's outbound host-media attachment read helper could enable host-local file reads based on global or agent-level read access without also honoring sender and group-scoped tool policy. In channel deployments that used toolsBySender or group policy to deny read for less-trusted...
OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure
Summary: OpenClaw's outbound host-media attachment read helper could enable host-local file reads based on global or agent-level read access without also honoring sender and group-scoped tool policy. In channel deployments that used toolsBySender or group policy to deny read for less-trusted...
EUVD-2022-55218
Malicious code in bioql PyPI...
GitLab Enterprise Edition Security Vulnerability
GitLab Enterprise Edition (EE) is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition versions 16.2 up to but not including 17.7.6, 17.8 up to but not including 17.8.4, and 17.9 up to but not including 17.9.1, which stems from the ability of a Guest user ...