Homepage

@openclaw/tlon@2026.2.21

OpenClaw Tlon/Urbit channel plugin

  • latest version

    2026.2.21

  • first published

    1 months ago

  • latest version published

    1 months ago

  • View tlon package health on Snyk  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the @openclaw/tlon package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • L
    Incorrect Authorization

    @openclaw/tlon is an OpenClaw Tlon/Urbit channel plugin

    Affected versions of this package are vulnerable to Incorrect Authorization in the reconciliation process for Tlon settings when explicit empty allowlists are treated as unset. An attacker can bypass intended access revocation by exploiting the incorrect handling of empty allowlists, which may silently revert a deny-all configuration.

    How to fix Incorrect Authorization?

    A fix was pushed into the master branch but not yet published.

    >=0.0.0
    • M
    Incorrect Authorization

    @openclaw/tlon is an OpenClaw Tlon/Urbit channel plugin

    Affected versions of this package are vulnerable to Incorrect Authorization via the cite expansion process before authorization is complete. An attacker can access or manipulate content prior to proper authorization by triggering cite expansion before the final authorization decision.

    How to fix Incorrect Authorization?

    A fix was pushed into the master branch but not yet published.

    >=0.0.0
    Go back to all versions of this package