11 matches found
CVE-2026-44933
PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...
EUVD-2026-31074
PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...
USN-8230-1 docker.io-app vulnerabilities
It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing frontend API messages. An attacker could possibly use this issue to write files outside of the intended state directory. CVE-2026-33747 It was discovered that BuildKit, contained...
USN-8230-1: Docker vulnerabilities
It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing frontend API messages. An attacker could possibly use this issue to write files outside of the intended state directory. CVE-2026-33747 It was discovered that BuildKit, contained...
GHSA-35MW-5VVR-VRXC OpenClaw contains a symlink traversal vulnerability
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended...
OpenClaw contains a symlink traversal vulnerability
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended...
CVE-2026-43570
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended...
CVE-2026-43570 OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended...
PT-2026-37025
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended...
BuildKit 后置链接漏洞
BuildKit is a concurrent, cache-efficient build tool package developed by Moby. Versions of BuildKit prior to 0.28.1 contained a post-link vulnerability. This vulnerability stemmed from insufficient validation of Git URL fragment sub-directory components, which could allow access to files outside...
Subversion: Access restriction bypass by checkout of the root of the repository
authz.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz shortcircuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass...