GHSA-57gh-m6rq-54cf: openclaw Arbitrary File Read Vulnerability
Plattform
nodejs
Komponente
openclaw
Behoben in
2026.3.31
GHSA-57gh-m6rq-54cf describes an arbitrary file read vulnerability in the openclaw npm package. The vulnerability stems from media local roots self-whitelisting, allowing model-initiated arbitrary host file read and credential exfiltration. This affects openclaw versions up to and including 2026.3.28. The vulnerability is fixed in version 2026.3.31.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is GHSA-57gh-m6rq-54cf?
It's an arbitrary file read vulnerability in the openclaw npm package due to insecure media local roots handling.
Am I affected by GHSA-57gh-m6rq-54cf?
You are affected if you are using openclaw npm package versions less than or equal to 2026.3.28.
How do I fix GHSA-57gh-m6rq-54cf?
Upgrade your openclaw npm package to version 2026.3.31 or greater.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten