Publish GHSA-jwf4-8wf4-jf2m

Author: advisory-database[bot]

advisories/github-reviewed/2026/03/GHSA-jwf4-8wf4-jf2m/GHSA-jwf4-8wf4-jf2m.json

@@ -0,0 +1,71 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-jwf4-8wf4-jf2m",
+  "modified": "2026-03-04T19:44:50Z",
+  "published": "2026-03-04T19:44:50Z",
+  "aliases": [],
+  "summary": "OpenClaw: BlueBubbles (optional plugin) pairing/allowlist mismatch when allowFrom is empty",
+  "details": "### Summary\nBlueBubbles is an optional OpenClaw channel plugin. A configuration-sensitive access-control mismatch allowed DM senders to be treated as authorized when `dmPolicy` was `pairing` or `allowlist` and `allowFrom` was empty/unset.\n\n### Severity Rationale (Medium)\nSeverity is set to **medium** because:\n- this affects an optional plugin, not core messaging surfaces;\n- many deployments use owner-controlled/private BlueBubbles identities with limited external reachability;\n- practical exploitability depends on an untrusted sender being able to reach that specific BlueBubbles account identifier.\n\nIn typical personal/self-hosted BlueBubbles setups, the mapped Apple identity is single-owner and not broadly reachable, so this is usually low practical risk.\n\nRisk is higher in deployments where the identifier is publicly reachable and/or agent tool permissions are broad.\n\n### Technical Details\n1. BlueBubbles DM policy defaults to `pairing` (`dmPolicy ?? \"pairing\"`).\n2. Effective allowlist can be empty (`effectiveAllowFrom`).\n3. DM/reaction authorization called `isAllowedBlueBubblesSender(...)`.\n4. That delegated to shared `isAllowedParsedChatSender(...)`, which previously returned `true` for empty allowlists.\n5. Result: unknown senders could bypass intended pairing/allowlist gating when `allowFrom` was empty.\n\n### Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Vulnerable versions: `<= 2026.2.21-2`\n- Planned fixed version: `2026.2.22`\n\n### Fix\nThe shared parsed-chat allowlist helper now fails closed on empty allowlists, restoring expected BlueBubbles DM gating behavior. BlueBubbles inbound gating was also refactored to use one shared DM/group decision helper for both message and reaction paths to reduce future drift.\n\n### Fix Commit(s)\n- `9632b9bcf032c5f2280c3103961fde912ab1f920`\n- `2ba6de7eaad812e5e8603018e14e54e96bdd57dd`\n- `51c0893673de8e5cea64e64351dbfa4680ba0dec`\n- `4540790cb62412676f7b61cfc6e47443f84a251e`\n\nOpenClaw thanks @tdjackey for reporting.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "openclaw"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2026.2.22"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jwf4-8wf4-jf2m"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/2ba6de7eaad812e5e8603018e14e54e96bdd57dd"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/4540790cb62412676f7b61cfc6e47443f84a251e"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/51c0893673de8e5cea64e64351dbfa4680ba0dec"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/openclaw/openclaw/commit/9632b9bcf032c5f2280c3103961fde912ab1f920"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/openclaw/openclaw"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-863"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-04T19:44:50Z",
+    "nvd_published_at": null
+  }
+}