漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
OpenClaw hardened cron webhook delivery against SSRF
Vulnerability Description
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.ts uses fetch() directly, so webhook targets can reach private/metadata/internal endpoints without SSRF policy checks. This issue was fixed in version 2026.2.19.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
OpenClaw 代码问题漏洞
Vulnerability Description
OpenClaw是openclaw开源的一个智能人工助理。 OpenClaw 2026.2.17及之前版本存在代码问题漏洞,该漏洞源于Cron webhook交付使用fetch直接调用,可能导致webhook目标访问私有或内部端点。
CVSS Information
N/A
Vulnerability Type
N/A