PT-2026-32076 · Npm · Openclaw

Published: 2026-03-31 · Updated: 2026-03-31

CVSS v3.1: 4.9 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

Summary

Host exec environment sanitization did not block GIT_TEMPLATE_DIR or AWS_CONFIG_FILE, even though both can redirect trusted tooling (git and the AWS CLI) to attacker-controlled content.

Impact

An approved exec request could redirect git or AWS CLI behavior through attacker-controlled configuration and execute untrusted code or load attacker-selected credentials.
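The weakness here is a denylist that omitted two variables which change where trusted tools load configuration from. The following is an added illustration, not OpenClaw's code or its real policy file: a denylist-based host exec env sanitizer, with an assumed pre-fix policy beside a patched one that adds the two keys from this advisory (policy contents, type names and the sample request env are all constructed for the example).

```typescript
// Added example (not the project's own code). Policy shape and contents are assumptions.
type HostEnvPolicy = {
  blockedKeys: ReadonlySet<string>;     // exact variable names that must never reach a host exec
  blockedPrefixes: readonly string[];   // name prefixes blocked wholesale
};

type SanitizeResult = {
  env: Record<string, string>;          // what the child process will actually receive
  dropped: string[];                    // removed keys, for audit logging
};

// Illustrative pre-fix policy: GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are missing,
// so both pass through to git / the AWS CLI untouched.
const vulnerablePolicy: HostEnvPolicy = {
  blockedKeys: new Set(["LD_PRELOAD", "DYLD_INSERT_LIBRARIES", "GIT_CONFIG_GLOBAL"]),
  blockedPrefixes: ["LD_", "DYLD_"],
};

// Patched policy: the two keys named in the advisory are added to the denylist.
const patchedPolicy: HostEnvPolicy = {
  blockedKeys: new Set([...vulnerablePolicy.blockedKeys, "GIT_TEMPLATE_DIR", "AWS_CONFIG_FILE"]),
  blockedPrefixes: vulnerablePolicy.blockedPrefixes,
};

function sanitizeHostEnv(input: Record<string, string>, policy: HostEnvPolicy): SanitizeResult {
  const env: Record<string, string> = {};
  const dropped: string[] = [];
  for (const [rawKey, value] of Object.entries(input)) {
    // Match on the upper-cased name: conservative on POSIX, and on Windows
    // (case-insensitive env) it stops a re-cased name from slipping past the list.
    const key = rawKey.toUpperCase();
    const blocked =
      policy.blockedKeys.has(key) || policy.blockedPrefixes.some((p) => key.startsWith(p));
    if (blocked) dropped.push(rawKey);
    else env[rawKey] = value;
  }
  return { env, dropped };
}

// Constructed request env for the demonstration (paths are placeholders).
const sampleRequestEnv: Record<string, string> = {
  PATH: "/usr/bin:/bin",
  GIT_TEMPLATE_DIR: "/tmp/untrusted-templates",
  AWS_CONFIG_FILE: "/tmp/untrusted-aws-config",
  LD_PRELOAD: "/tmp/untrusted.so",
};
```

Running the same request through both policies shows the gap directly: the pre-fix policy drops only LD_PRELOAD, the patched one also drops the two advisory keys while PATH survives.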

Affected Component

src/infra/host-env-security-policy.json, src/infra/host-env-security.ts

Fixed Versions

  • Affected: <= 2026.3.24
  • Patched: >= 2026.3.28
  • Latest stable 2026.3.28 contains the fix.

Fix

Fixed by commit 6eb82fba3c (Infra: block additional host exec env keys).
OpenClaw thanks @nicky-cc of Tencent zhuque Lab https://github.com/Tencent/AI-Infra-Guard for reporting.

Weakness Enumeration

Incomplete List of Disallowed Inputs

Related identifiers

GHSA-M866-6QV5-P2FG

Affected products

Openclaw