GHSA-cwf8-44x6-32c2: OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal
OpenShell Mirror Sync: Sandbox Escape via Unrestricted File Sync + Symlink Traversal
References
- github.com/advisories/GHSA-cwf8-44x6-32c2
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/3b9dab0ece4643a9643e6a45459f5c709d3ce320
- github.com/openclaw/openclaw/commit/c02ee8a3a4cb390b23afdf21317aa8b2096854d1
- github.com/openclaw/openclaw/releases/tag/v2026.3.31
- github.com/openclaw/openclaw/security/advisories/GHSA-cwf8-44x6-32c2
Code Behaviors & Features
Detect and mitigate GHSA-cwf8-44x6-32c2 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →