2 matches found
GO-2026-5079 Crabbox contains a path traversal vulnerability in the Islo provider's workspace path resolution in github.com/openclaw/crabbox
Crabbox contains a path traversal vulnerability in the Islo provider's workspace path resolution in github.com/openclaw/crabbox...
Path Traversal
github.com/openclaw/crabbox is vulnerable to path traversal. The vulnerability is due to improper validation of workspace path resolution in the Islo provider, which allows an attacker to supply crafted absolute or relative paths through a malicious .crabbox.yaml or crabbox.yaml file to perform...