Security Advisories | Source: GitHub Security Advisories

[openclaw] OpenClaw has a path traversal in apply_patch could write/delete files outside the workspace

By GitHub
February 20, 2026

**Summary**

In affected versions, when apply_patch was enabled and the agent ran without filesystem sandbox containment, crafted paths could cause file writes/deletes outside the configured workspace directory.

**Affected Packages / Versions**

- Package: openclaw (npm)
- Affected: <= 2026.2.13
- Fixed: >= 2026.2.14

**Details**

The non-sandbox path resolution in apply_patch did not enforce workspace containment. or absolute paths could escape the working directory in non-sandboxed mode.

**Impact**

Practical impact depends on deployment and who can trigger tool execution. This is most relevant when tool invocation is exposed to less-trusted callers or when operators expected workspace-only containment...
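A workspace containment check of the kind the Details section says was missing, written here as an added example: it is not OpenClaw's code or its actual fix. The function names, workspace root and sample paths are constructed for illustration, and POSIX paths are assumed.

```javascript
const path = require('node:path');

// Hypothetical helper: resolve `requested` against `workspaceRoot` and refuse
// anything that lands outside it. Lexical check only; it does not follow
// symlinks that already exist inside the workspace.
function resolveInWorkspace(workspaceRoot, requested) {
  if (typeof requested !== 'string' || requested.length === 0 || requested.includes('\0')) {
    throw new Error('invalid path');
  }
  const root = path.resolve(workspaceRoot);
  // path.resolve drops `root` when `requested` is absolute and collapses "..",
  // so the result must be re-checked against the root afterwards.
  const target = path.resolve(root, requested);
  const rel = path.relative(root, target);
  // Compare path segments, not string prefixes: "/ws-evil" starts with "/ws".
  const escapes = rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  if (escapes) {
    throw new Error(`path escapes workspace: ${requested}`);
  }
  return target;
}

// Hypothetical helper: vet every path a patch wants to touch before any write
// or delete happens. A caller should refuse the whole patch if `rejected` is
// non-empty, so a partially applied patch never reaches disk.
function vetPatchPaths(workspaceRoot, requestedPaths) {
  const allowed = [];
  const rejected = [];
  for (const p of requestedPaths) {
    try {
      allowed.push(resolveInWorkspace(workspaceRoot, p));
    } catch (err) {
      rejected.push(p);
    }
  }
  return { allowed, rejected };
}

// Constructed sample input (not taken from the advisory).
const SAMPLE_ROOT = '/srv/agent/workspace';
const SAMPLE_PATHS = [
  'src/app.js',                  // ordinary relative path
  'docs/../README.md',           // ".." that stays inside the workspace
  '../outside.txt',              // relative escape
  '/etc/hosts',                  // absolute path
  '/srv/agent/workspace-evil/x', // sibling directory sharing the root's prefix
  '..config/ok.txt',             // name that merely begins with ".."
];
console.log(vetPatchPaths(SAMPLE_ROOT, SAMPLE_PATHS));
```
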
