Summary
Deno: `fetch()` API sandbox bypass via missing DNS resolution check
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-Q59X-JC9F-GFQF
Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
- HIGHGHSA-V2WW-5RH7-2H5V
OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
- LOWGHSA-68XW-R643-9P5W
OpenClaw: Skill-command dispatch could skip before-tool-call hooks
- MEDIUMGHSA-GXG4-2RRR-JHC7
OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently
- HIGHGHSA-WM69-2PC3-RMMF
Crawl4AI: Unauthenticated SSRF on the Docker server streaming crawl path (/crawl/stream)
- LOWGHSA-3MP7-VP6J-2MXX
BBOT: Server-Side Request Forgery (SSRF) in docker_pull module via WWW-Authenticate realm parsing