PT-2026-25112 · Npm · Openclaw
Publicado
2026-03-02
·
Atualizado
2026-03-02
CVSS v4.0
8.7
Alta
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Summary
Sandbox media handling had a time-of-check/time-of-use gap: media paths could be validated first and read later through a separate path. A symlink retarget between those steps could cause reads outside
sandboxRoot.Impact
Affected versions could permit host file reads outside the intended sandbox root in media attachment/image flows.
Fix
Media reads now use consolidated root-scoped, boundary-safe read paths at use time, removing check/use drift across call sites.
Affected and Patched Versions
- Affected:
<= 2026.2.26 - Patched:
2026.3.1
Correção
Link Following
Time Of Check To Time Of Use
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Openclaw