Propagate client config to queries. Fixes CVE-2025-0914

djoreilly · djoreilly · commit b92a4a0def71 · 2025-08-29T13:44:04.000+01:00
Prevents overriding the client config to bypass prevent_execve.
diff --git a/actions/vql.go b/actions/vql.go
@@ -147,6 +147,7 @@ func (self VQLClientAction) StartQuery(
 
 	builder := services.ScopeBuilder{
 		Config: &config_proto.Config{
+			Client:		config_obj.Client,
 			Remappings: config_obj.Remappings,
 		},
 		// Only provide the client config since we are running in
