GHSA-cwf8-44x6-32c2: openclaw Sandbox Escape Vulnerability
Plattform
nodejs
Komponente
openclaw
Behoben in
2026.3.31
GHSA-cwf8-44x6-32c2 describes a sandbox escape vulnerability in the openclaw npm package. This vulnerability arises from OpenShell Mirror Sync, allowing for unrestricted file sync and symlink traversal. This affects openclaw versions up to and including 2026.3.28. The vulnerability is fixed in version 2026.3.31.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is GHSA-cwf8-44x6-32c2?
It's a sandbox escape vulnerability in the openclaw npm package due to insecure file synchronization and symlink handling.
Am I affected by GHSA-cwf8-44x6-32c2?
You are affected if you are using openclaw npm package versions less than or equal to 2026.3.28.
How do I fix GHSA-cwf8-44x6-32c2?
Upgrade your openclaw npm package to version 2026.3.31 or greater.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten