GHSA-56f2-hvwg-5743: OpenClaw affected by SSRF in Image Tool Remote Fetch
A server-side request forgery (SSRF) vulnerability in the Image tool allowed attackers to force OpenClaw to make HTTP requests to arbitrary internal or restricted network targets.
References
- github.com/advisories/GHSA-56f2-hvwg-5743
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/81c68f582d4a9a20d9cca9f367d2da9edc5a65ae
- github.com/openclaw/openclaw/commit/9bd64c8a1f91dda602afc1d5246a2ff2be164647
- github.com/openclaw/openclaw/releases/tag/v2026.2.2
- github.com/openclaw/openclaw/security/advisories/GHSA-56f2-hvwg-5743