← Toutes les vulnérabilités
MEDIUMSupply chain
GHSA-GWXR-7H77-7777
go · github.com/projectcapsule/capsule
Résumé
Capsule: Incomplete fix of CVE-2026-30963: singular/plural typo leaves namespaces/finalize unprotected
Références
Vulnérabilités liées
Tout Supply chain →- MEDIUMGHSA-4HPG-MP64-X7XQ
OpenClaw: Internal/webchat command auth could inherit ownerAllowFrom wildcard state
- HIGHGHSA-V2WW-5RH7-2H5V
OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
- LOWGHSA-8J37-5W68-WJ2G
OpenClaw: BlueBubbles sender policy could match mutable conversation identifiers
- HIGHGHSA-5CJ2-3JR2-5H77
OpenClaw: Shell positional parameters could weaken strict inline-eval checks
- MEDIUMGHSA-W5CV-PW74-4RXC
opentelemetry-collector-contrib: githubreceiver silently ignores configured required_headers authentication
- HIGHGHSA-7QW2-W5RC-37X2
PraisonAI recipe workflow policy can be bypassed by declaring and YAML-approving dangerous tools outside TEMPLATE.yaml