PT-2026-26496 · Npm · Openclaw
Published 2026-03-09 · Updated 2026-03-09
CVSS v3.1: 9.3 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
OpenClaw's fetchWithSsrFGuard(...) followed cross-origin redirects while preserving arbitrary caller-supplied headers except for a narrow denylist (Authorization, Proxy-Authorization, Cookie, Cookie2). This allowed custom authorization headers such as X-Api-Key, Private-Token, and similar sensitive headers to be forwarded to a different origin after a redirect. The fix switches cross-origin redirect handling from a narrow sensitive-header denylist to a safe-header allowlist, so only benign headers such as content negotiation and cache validators survive an origin change.
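The behaviour described above, as an added example that is not OpenClaw's code: a manual redirect follower with a `mode` switch so the narrow denylist the advisory describes can be run side by side with the allowlist approach of the fix. Everything in the block (function names, the header sets, the `api.example` and `third-party.example` hosts, the fake network) is an assumption constructed for the demonstration; the fake network stands in for real fetch calls so the block runs offline.

```javascript
// Added example, not OpenClaw's code: header forwarding across a redirect,
// with the denylist behaviour the advisory describes beside the allowlist
// behaviour of the fix. All names, hosts and header sets are assumptions.

// Narrow denylist: the only names stripped on an origin change in the
// vulnerable behaviour. Custom credential headers are not on it.
const SENSITIVE_DENYLIST = new Set([
  "authorization", "proxy-authorization", "cookie", "cookie2",
]);

// Allowlist: benign headers that may survive an origin change
// (content negotiation and cache validators). Anything else is dropped.
const CROSS_ORIGIN_ALLOWLIST = new Set([
  "accept", "accept-language", "accept-encoding",
  "if-none-match", "if-modified-since", "user-agent",
]);

function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Headers to send to `toUrl` after being redirected there from `fromUrl`.
// Same-origin redirects keep everything; cross-origin ones are filtered.
function headersForRedirect(headers, fromUrl, toUrl, mode) {
  if (sameOrigin(fromUrl, toUrl)) return { ...headers };
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    const key = name.toLowerCase();
    const keep = mode === "denylist"
      ? !SENSITIVE_DENYLIST.has(key)      // vulnerable: forward unless listed
      : CROSS_ORIGIN_ALLOWLIST.has(key);  // fixed: drop unless listed
    if (keep) out[name] = value;
  }
  return out;
}

// Manual redirect loop. `fetchImpl(url, headers)` returns { status, location }
// and is injected so the example runs without a network.
function fetchFollowingRedirects(url, headers, fetchImpl, mode, maxRedirects = 5) {
  let current = url;
  let currentHeaders = { ...headers };
  for (let hop = 0; hop <= maxRedirects; hop++) {
    const res = fetchImpl(current, currentHeaders);
    const isRedirect = res.status >= 300 && res.status <= 399 && Boolean(res.location);
    if (!isRedirect) return { url: current, status: res.status };
    // Location may be relative; resolve it against the current URL.
    const next = new URL(res.location, current).toString();
    currentHeaders = headersForRedirect(currentHeaders, current, next, mode);
    current = next;
  }
  throw new Error("too many redirects");
}

// Constructed fake network: the intended API origin answers with a 302 to a
// third-party origin, and every origin records the headers it receives.
function makeFakeNetwork() {
  const received = {}; // origin -> headers seen by that origin
  const fetchImpl = (url, headers) => {
    const origin = new URL(url).origin;
    received[origin] = { ...headers };
    if (origin === "https://api.example") {
      return { status: 302, location: "https://third-party.example/collect" };
    }
    return { status: 200, location: null };
  };
  return { received, fetchImpl };
}

// Runs one request through the fake network and returns the names of the
// headers that reached the third-party origin, sorted.
function leakedHeaderNames(mode) {
  const { received, fetchImpl } = makeFakeNetwork();
  const callerHeaders = {
    Authorization: "Bearer caller-token",
    "X-Api-Key": "caller-api-key",
    "Private-Token": "caller-private-token",
    Accept: "application/json",
  };
  fetchFollowingRedirects("https://api.example/v1/data", callerHeaders, fetchImpl, mode);
  return Object.keys(received["https://third-party.example"] || {}).sort();
}

console.log("denylist  ->", leakedHeaderNames("denylist"));
console.log("allowlist ->", leakedHeaderNames("allowlist"));
```

With the denylist, Authorization is stripped but X-Api-Key and Private-Token reach the third-party origin; with the allowlist only Accept does. The general point is the one the advisory's weakness categories name: a denylist of credential headers is incomplete the moment a caller uses a header name it did not anticipate, whereas an allowlist fails closed for every name not explicitly judged safe.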
Affected Packages / Versions
- Package: openclaw (npm)
- Affected versions: <= 2026.3.2
- Patched version: 2026.3.7
- Latest published npm version at patch time: 2026.3.2
Impact
A remote service that could trigger a redirect across origins could receive custom authorization credentials attached by OpenClaw callers. This can expose API keys, bearer-style custom headers, or private token headers intended only for the original destination.
Fix Commit(s)
46715371b0612a6f9114dffd1466941ac476cef5
Verification
- pnpm check: passed
- pnpm test:fast: passed
- Focused redirect regression tests passed
- pnpm exec vitest run --config vitest.gateway.config.ts still has unrelated current-main failures in src/gateway/server-channels.test.ts and src/gateway/server-methods/agents-mutate.test.ts
Release Process Note
npm 2026.3.7 was published on March 8, 2026. This advisory is fixed in the released package. Thanks @Rickidevs for reporting.
Fix
Weakness categories (CWE):
- Incomplete List of Disallowed Inputs
- Improper Encoding or Escaping of Output
- Insufficiently Protected Credentials
Related identifiers
Affected products
Openclaw