GHSA-3pxq-f3cp-jmxp
OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows
Details
### Summary A path-confinement bypass in browser output handling allowed writes outside intended roots in `openclaw` versions up to and including `2026.3.1`.
The fix unifies root-bound, file-descriptor-verified write semantics and canonical path-boundary validation across browser output and related install/skills write paths.
### Affected Packages / Versions - Package: `openclaw` (npm) - Latest published npm version at triage time: `2026.3.1` - Affected range: `<= 2026.3.1` - Patched release: `2026.3.2` (released)
### Fix Commit(s) - `104d32bb64cdf19d5e77f70553a511a2ae90ad1c`
### Technical Notes - Browser output writes now use root-bound, fd/inode-verified commit flow. - Install + skills path checks now share canonical in-base validation to reduce drift and close equivalent escape surfaces. - Added regression coverage for symlink-rebind and root-bound source-path write behavior.
Are you affected?
Enter the version of the package you're using.