2 matches found
GHSA-474H-PRJG-MMW3 OpenClaw: Sandboxed sessions_spawn(runtime="acp") bypassed sandbox inheritance and allowed host ACP initialization
Summary Sandboxed sessionsspawnruntime="acp" could bypass sandbox inheritance and initialize host-side ACP runtime. The fix now fail-closes ACP spawn from sandboxed requester sessions and rejects sandbox="require" for runtime="acp". Affected Packages / Versions - Package: openclaw npm - Latest...
Incorrect Privilege Assignment
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the sessionsspawn process when using runtime="acp" in a sandboxed environment. An attacker can gain unauthorized access to host-side ACP initialization ...