OpenClaw's SSRF protection could be bypassed using full-form IPv4-mapped IPv6 literals such as 0:0:0:0:0:ffff:7f00:1 (which is 127.0.0.1). This could allow requests that should be blocked (loopback / private network / link-local metadata) to pass the SSRF guard.
The SSRF guard's IP classification did not consistently detect private IPv4 addresses when they were embedded in IPv6 using full-form IPv4-mapped IPv6 notation. As a result, inputs like 0:0:0:0:0:ffff:7f00:1 could bypass loopback/private network blocking.
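The root cause is a classifier that only recognises the compressed `::ffff:a.b.c.d` spelling of an IPv4-mapped address, so the equivalent uncompressed hextet form slips through. The defensive pattern is to parse every IPv6 literal into its eight 16-bit groups first and classify by value, never by string shape. The following is an added illustration written for this advisory, not OpenClaw's code and not the fix commit referenced below; the function names (`parseIPv6`, `classifyAddress`, `isBlockedForSsrf`) are this example's own. It goes slightly beyond the advisory by also unwrapping the NAT64 well-known prefix and stripping brackets and zone ids, since those are other ways a loopback or link-local target can be wrapped inside an IPv6 literal.

```javascript
// Added example (not OpenClaw's implementation): classify an IP literal by
// value, so that every spelling of an IPv4-mapped IPv6 address is judged by
// the embedded IPv4 address. Function names are hypothetical.

// Strict dotted-quad parser. Shorthand and octal forms ("127.1", "0177.0.0.1")
// are rejected rather than guessed; rejecting is the safe default for a guard.
function parseIPv4(text) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(text);
  if (!m) return null;
  const octets = m.slice(1, 5).map(Number);
  return octets.every((o) => o <= 255) ? octets : null;
}

// Expand an IPv6 literal into 8 hextets (numbers 0..65535). Handles "::"
// compression, a trailing dotted-quad, surrounding brackets and a zone id.
// Returns null for anything malformed.
function parseIPv6(text) {
  let s = text.trim();
  if (s.startsWith("[") && s.endsWith("]")) s = s.slice(1, -1);
  const zone = s.indexOf("%");
  if (zone !== -1) s = s.slice(0, zone);
  // Rewrite a trailing a.b.c.d into two hextets so both spellings converge.
  const lastColon = s.lastIndexOf(":");
  if (lastColon !== -1 && s.slice(lastColon + 1).includes(".")) {
    const v4 = parseIPv4(s.slice(lastColon + 1));
    if (!v4) return null;
    const hi = ((v4[0] << 8) | v4[1]).toString(16);
    const lo = ((v4[2] << 8) | v4[3]).toString(16);
    s = s.slice(0, lastColon + 1) + hi + ":" + lo;
  }
  const parts = s.split("::");
  if (parts.length > 2) return null; // at most one "::"
  const head = parts[0] ? parts[0].split(":") : [];
  const tail = parts.length === 2 && parts[1] ? parts[1].split(":") : [];
  const missing = 8 - head.length - tail.length;
  if (parts.length === 1 && missing !== 0) return null;
  if (parts.length === 2 && missing < 1) return null;
  const groups = [...head, ...Array(parts.length === 2 ? missing : 0).fill("0"), ...tail];
  const out = [];
  for (const g of groups) {
    if (!/^[0-9a-fA-F]{1,4}$/.test(g)) return null;
    out.push(parseInt(g, 16));
  }
  return out;
}

function classifyIPv4(o) {
  if (o[0] === 127) return "loopback";
  if (o[0] === 0) return "unspecified"; // 0.0.0.0/8 reaches localhost on many hosts
  if (o[0] === 10) return "private";
  if (o[0] === 172 && o[1] >= 16 && o[1] <= 31) return "private";
  if (o[0] === 192 && o[1] === 168) return "private";
  if (o[0] === 169 && o[1] === 254) return "link-local"; // cloud metadata lives here
  return "public";
}

function classifyIPv6(h) {
  const v4From = (a, b) => classifyIPv4([a >> 8, a & 0xff, b >> 8, b & 0xff]);
  const prefixZero = (n) => h.slice(0, n).every((x) => x === 0);
  // IPv4-mapped ::ffff:a.b.c.d, whichever way it was spelled
  if (prefixZero(5) && h[5] === 0xffff) return v4From(h[6], h[7]);
  // NAT64 well-known prefix 64:ff9b::/96 also embeds an IPv4 address
  if (h[0] === 0x64 && h[1] === 0xff9b && h.slice(2, 6).every((x) => x === 0)) {
    return v4From(h[6], h[7]);
  }
  if (prefixZero(7) && h[7] === 1) return "loopback"; // ::1
  if (prefixZero(8)) return "unspecified"; // ::
  if ((h[0] & 0xffc0) === 0xfe80) return "link-local"; // fe80::/10
  if ((h[0] & 0xfe00) === 0xfc00) return "private"; // fc00::/7 (ULA)
  return "public";
}

// Returns one of: loopback, unspecified, private, link-local, public, invalid.
function classifyAddress(text) {
  const v4 = parseIPv4(text.trim());
  if (v4) return classifyIPv4(v4);
  const v6 = parseIPv6(text);
  if (v6) return classifyIPv6(v6);
  return "invalid";
}

// Deny-by-default: anything that is not unambiguously public is blocked.
function isBlockedForSsrf(text) {
  return classifyAddress(text) !== "public";
}
```

The important property is that `classifyAddress("0:0:0:0:0:ffff:7f00:1")` and `classifyAddress("::ffff:127.0.0.1")` take the same code path and both yield `loopback`. Note that a guard like this only covers literal addresses; a hostname must be resolved first and every resulting address checked, and the connection should be made to the address that was checked rather than re-resolved, or DNS rebinding can reintroduce the same gap.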
Fix Commit(s)
c0c0e0f9aecb913e738742f73e091f2f72d39a19
Release Process Note
This advisory is kept in draft state with the patched version set to the planned next release. Once [email protected] is published to npm, the only remaining step should be to publish this advisory.