Duplicate Advisory: OpenClaw's skills-install-download can be redirected outside the tools root by rebinding the validated base path
Moderate severity
GitHub Reviewed
Published
Mar 29, 2026
to the GitHub Advisory Database
•
Updated Apr 6, 2026
Withdrawn
This advisory was withdrawn on Apr 6, 2026
Description
Published by the National Vulnerability Database
Mar 29, 2026
Published to the GitHub Advisory Database
Mar 29, 2026
Reviewed
Apr 6, 2026
Withdrawn
Apr 6, 2026
Last updated
Apr 6, 2026
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-vhwf-4x96-vqx2. This link is maintained to preserve external references.
Original Description
OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation and final write to redirect the installer outside the intended tools directory.
References