Skip to content

Commit fbed02c

Browse files
1 parent fa2b0ce commit fbed02c

5 files changed

Lines changed: 324 additions & 46 deletions

File tree

advisories/github-reviewed/2019/05/GHSA-jjpq-gp5q-8q6w/GHSA-jjpq-gp5q-8q6w.json

Lines changed: 116 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-jjpq-gp5q-8q6w",
4-
"modified": "2024-03-11T14:33:57Z",
4+
"modified": "2026-06-18T20:17:35Z",
55
"published": "2019-05-30T03:30:42Z",
66
"aliases": [
77
"CVE-2019-0221"
@@ -44,7 +44,7 @@
4444
"type": "ECOSYSTEM",
4545
"events": [
4646
{
47-
"introduced": "8.0.0"
47+
"introduced": "8.5.0"
4848
},
4949
{
5050
"fixed": "8.5.40"
@@ -71,6 +71,120 @@
7171
]
7272
}
7373
]
74+
},
75+
{
76+
"package": {
77+
"ecosystem": "Maven",
78+
"name": "org.apache.tomcat:tomcat-catalina"
79+
},
80+
"ranges": [
81+
{
82+
"type": "ECOSYSTEM",
83+
"events": [
84+
{
85+
"introduced": "9.0.0"
86+
},
87+
{
88+
"fixed": "9.0.17"
89+
}
90+
]
91+
}
92+
]
93+
},
94+
{
95+
"package": {
96+
"ecosystem": "Maven",
97+
"name": "org.apache.tomcat:tomcat-catalina"
98+
},
99+
"ranges": [
100+
{
101+
"type": "ECOSYSTEM",
102+
"events": [
103+
{
104+
"introduced": "8.5.0"
105+
},
106+
{
107+
"fixed": "8.5.40"
108+
}
109+
]
110+
}
111+
]
112+
},
113+
{
114+
"package": {
115+
"ecosystem": "Maven",
116+
"name": "org.apache.tomcat:tomcat-catalina"
117+
},
118+
"ranges": [
119+
{
120+
"type": "ECOSYSTEM",
121+
"events": [
122+
{
123+
"introduced": "7.0.0"
124+
},
125+
{
126+
"fixed": "7.0.94"
127+
}
128+
]
129+
}
130+
]
131+
},
132+
{
133+
"package": {
134+
"ecosystem": "Maven",
135+
"name": "org.apache.tomcat:tomcat"
136+
},
137+
"ranges": [
138+
{
139+
"type": "ECOSYSTEM",
140+
"events": [
141+
{
142+
"introduced": "9.0.0"
143+
},
144+
{
145+
"fixed": "9.0.17"
146+
}
147+
]
148+
}
149+
]
150+
},
151+
{
152+
"package": {
153+
"ecosystem": "Maven",
154+
"name": "org.apache.tomcat:tomcat"
155+
},
156+
"ranges": [
157+
{
158+
"type": "ECOSYSTEM",
159+
"events": [
160+
{
161+
"introduced": "8.5.0"
162+
},
163+
{
164+
"fixed": "8.5.40"
165+
}
166+
]
167+
}
168+
]
169+
},
170+
{
171+
"package": {
172+
"ecosystem": "Maven",
173+
"name": "org.apache.tomcat:tomcat"
174+
},
175+
"ranges": [
176+
{
177+
"type": "ECOSYSTEM",
178+
"events": [
179+
{
180+
"introduced": "7.0.0"
181+
},
182+
{
183+
"fixed": "7.0.94"
184+
}
185+
]
186+
}
187+
]
74188
}
75189
],
76190
"references": [
Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-68xw-r643-9p5w",
4+
"modified": "2026-06-18T20:16:30Z",
5+
"published": "2026-06-18T20:16:30Z",
6+
"aliases": [
7+
"CVE-2026-53845"
8+
],
9+
"summary": "OpenClaw: Skill-command dispatch could skip before-tool-call hooks",
10+
"details": "### Summary\n\nSkill-command dispatch could skip before-tool-call hooks. In affected versions, a skill command routed through the affected dispatch path could run without the same `runBeforeToolCallHook` coverage as other tool entry points.\n\nThis advisory is scoped to the named feature and configuration. It does not change OpenClaw's trusted-operator model: authenticated Gateway operators, installed plugins, and intentional local execution surfaces remain trusted unless a separate policy, approval, allowlist, sandbox, or auth boundary is crossed.\n\n### Impact\n\nWhen the affected feature is enabled and reachable, this could miss hook-based auditing or policy parity for that command path. Practical impact depends on the operator's configuration and whether lower-trust input can reach that path.\n\n### Patched Versions\n\nThe first stable patched version is `2026.5.6`.\n\n### Mitigations\n\navoid relying on hook-only enforcement for skill commands until patched. As general hardening, keep channel and tool allowlists narrow, avoid sharing one Gateway between mutually untrusted users, and disable the affected feature when it is not needed.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
15+
},
16+
{
17+
"type": "CVSS_V4",
18+
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
19+
}
20+
],
21+
"affected": [
22+
{
23+
"package": {
24+
"ecosystem": "npm",
25+
"name": "openclaw"
26+
},
27+
"ranges": [
28+
{
29+
"type": "ECOSYSTEM",
30+
"events": [
31+
{
32+
"introduced": "0"
33+
},
34+
{
35+
"fixed": "2026.5.6"
36+
}
37+
]
38+
}
39+
],
40+
"database_specific": {
41+
"last_known_affected_version_range": "<= 2026.5.5"
42+
}
43+
}
44+
],
45+
"references": [
46+
{
47+
"type": "WEB",
48+
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-68xw-r643-9p5w"
49+
},
50+
{
51+
"type": "ADVISORY",
52+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53845"
53+
},
54+
{
55+
"type": "PACKAGE",
56+
"url": "https://github.com/openclaw/openclaw"
57+
},
58+
{
59+
"type": "WEB",
60+
"url": "https://www.vulncheck.com/advisories/openclaw-skill-command-dispatch-hook-bypass-via-before-tool-call-hook-skipping"
61+
}
62+
],
63+
"database_specific": {
64+
"cwe_ids": [
65+
"CWE-693"
66+
],
67+
"severity": "LOW",
68+
"github_reviewed": true,
69+
"github_reviewed_at": "2026-06-18T20:16:30Z",
70+
"nvd_published_at": null
71+
}
72+
}
Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-8c59-hr4w-qg69",
4+
"modified": "2026-06-18T20:17:50Z",
5+
"published": "2026-06-18T20:17:50Z",
6+
"aliases": [
7+
"CVE-2026-53857"
8+
],
9+
"summary": "OpenClaw: Zalo allowFrom could bind to mutable display names",
10+
"details": "### Summary\n\nZalo allowFrom could bind to mutable display names. In affected versions, a Zalo friend or contact with mutable display metadata could match a policy entry through mutable display metadata.\n\nThis advisory is scoped to the named feature and configuration. It does not change OpenClaw's trusted-operator model: authenticated Gateway operators, installed plugins, and intentional local execution surfaces remain trusted unless a separate policy, approval, allowlist, sandbox, or auth boundary is crossed.\n\n### Impact\n\nWhen the affected feature is enabled and reachable, this could receive agent responses intended for another Zalo identity. Practical impact depends on the operator's configuration and whether lower-trust input can reach that path.\n\n### Patched Versions\n\nThe first stable patched version is `2026.5.3`.\n\n### Mitigations\n\nuse stable Zalo identifiers where available and keep friend access restricted until patched. As general hardening, keep channel and tool allowlists narrow, avoid sharing one Gateway between mutually untrusted users, and disable the affected feature when it is not needed.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
15+
},
16+
{
17+
"type": "CVSS_V4",
18+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
19+
}
20+
],
21+
"affected": [
22+
{
23+
"package": {
24+
"ecosystem": "npm",
25+
"name": "openclaw"
26+
},
27+
"ranges": [
28+
{
29+
"type": "ECOSYSTEM",
30+
"events": [
31+
{
32+
"introduced": "0"
33+
},
34+
{
35+
"fixed": "2026.5.3"
36+
}
37+
]
38+
}
39+
],
40+
"database_specific": {
41+
"last_known_affected_version_range": "<= 2026.5.2"
42+
}
43+
}
44+
],
45+
"references": [
46+
{
47+
"type": "WEB",
48+
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8c59-hr4w-qg69"
49+
},
50+
{
51+
"type": "ADVISORY",
52+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53857"
53+
},
54+
{
55+
"type": "PACKAGE",
56+
"url": "https://github.com/openclaw/openclaw"
57+
},
58+
{
59+
"type": "WEB",
60+
"url": "https://www.vulncheck.com/advisories/openclaw-mutable-display-name-binding-in-zalo-allowfrom-policy"
61+
}
62+
],
63+
"database_specific": {
64+
"cwe_ids": [
65+
"CWE-290"
66+
],
67+
"severity": "HIGH",
68+
"github_reviewed": true,
69+
"github_reviewed_at": "2026-06-18T20:17:50Z",
70+
"nvd_published_at": null
71+
}
72+
}
Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-w7m7-3xcf-mp48",
4+
"modified": "2026-06-18T20:17:21Z",
5+
"published": "2026-06-16T21:31:59Z",
6+
"withdrawn": "2026-06-18T20:17:21Z",
7+
"aliases": [],
8+
"summary": "Duplicate Advisory: Zalo allowFrom could bind to mutable display names",
9+
"details": "## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-8c59-hr4w-qg69. This link is maintained to preserve external references.\n\n## Original Description\nOpenClaw before 2026.5.3 contains a policy enforcement vulnerability where Zalo contacts with mutable display metadata could match allowFrom policy entries through display name changes. Attackers with mutable display names could receive agent responses intended for different Zalo identities when the feature is enabled.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
18+
}
19+
],
20+
"affected": [
21+
{
22+
"package": {
23+
"ecosystem": "npm",
24+
"name": "openclaw"
25+
},
26+
"ranges": [
27+
{
28+
"type": "ECOSYSTEM",
29+
"events": [
30+
{
31+
"introduced": "0"
32+
},
33+
{
34+
"last_affected": "2026.5.2"
35+
}
36+
]
37+
}
38+
]
39+
}
40+
],
41+
"references": [
42+
{
43+
"type": "WEB",
44+
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-8c59-hr4w-qg69"
45+
},
46+
{
47+
"type": "ADVISORY",
48+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53857"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://www.vulncheck.com/advisories/openclaw-mutable-display-name-binding-in-zalo-allowfrom-policy"
53+
}
54+
],
55+
"database_specific": {
56+
"cwe_ids": [
57+
"CWE-290"
58+
],
59+
"severity": "HIGH",
60+
"github_reviewed": true,
61+
"github_reviewed_at": "2026-06-18T20:17:21Z",
62+
"nvd_published_at": "2026-06-16T19:17:03Z"
63+
}
64+
}

advisories/unreviewed/2026/06/GHSA-w7m7-3xcf-mp48/GHSA-w7m7-3xcf-mp48.json

Lines changed: 0 additions & 44 deletions
This file was deleted.

0 commit comments

Comments
 (0)