4 matches found
EUVD-2026-25318
OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...
CVE-2026-41334
OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...
CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass
OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...
GHSA-W85G-3H6X-4XH2 OpenClaw: Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS
Summary Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Shipped v2026.3.28 image processing could fail open on oversized pixel counts and allow decompression-bomb DoS, an availabili...