GHSA-m8wm-r5vq-qjpg: Duplicate Advisory: OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation
(updated )
This advisory has been withdrawn.
References
- github.com/advisories/GHSA-m8wm-r5vq-qjpg
- github.com/openclaw/openclaw/commit/acd4e0a32f12e1ad85f3130f63b42443ce90f094
- github.com/openclaw/openclaw/security/advisories/GHSA-xmxx-7p24-h892
- nvd.nist.gov/vuln/detail/CVE-2026-43585
- www.vulncheck.com/advisories/openclaw-bearer-token-validation-bypass-via-stale-secretref-resolution
Code Behaviors & Features
Detect and mitigate GHSA-m8wm-r5vq-qjpg with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →