29 matches found
Path Traversal
compliance-trestle is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths, which allows an attacker to exploit path traversal and write arbitrary files to unintended locations on the filesystem...
GHSA-GG2G-P7XC-QQMM compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...
compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...
Improper Neutralization of Special Elements Used in a Template Engine
Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the rendertemplate method. An attacker can execute...
Server-side Request Forgery (SSRF)
Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the HTTPSFetcher.dofetch function. A user can access internal services or cloud metadata...
compliance-trestle - jinja has an Arbitrary File Write via Path Traversal
Relevant Products/Components: trestle/core/commands/author/jinja.py trestle author jinja --- Detailed Description: The -o/--output argument in trestle author jinja allows writing files outside the intended workspace. The application does not properly validate: ../ ..\ absolute paths This allows...
External Control of File Name or Path
Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to External Control of File Name or Path via the -o/--output argument in the trestle author jinja. An attacker can overwrite arbitra...
GHSA-4Q5V-7G7X-J79W compliance-trestle - jinja has an Arbitrary File Write via Path Traversal
Relevant Products/Components: trestle/core/commands/author/jinja.py trestle author jinja --- Detailed Description: The -o/--output argument in trestle author jinja allows writing files outside the intended workspace. The application does not properly validate: ../ ..\ absolute paths This allows...
GHSA-MJ4X-VF5C-5XG8 compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal
Summary The compliance-trestle library's profile import mechanism resolves trestle:// URIs and relative file paths by joining them with trestleroot and calling .resolve, but performs no boundary check to ensure the resolved path stays within the trestle workspace. An attacker can craft a maliciou...
compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal
Summary The compliance-trestle library's profile import mechanism resolves trestle:// URIs and relative file paths by joining them with trestleroot and calling .resolve, but performs no boundary check to ensure the resolved path stays within the trestle workspace. An attacker can craft a maliciou...
PT-2026-44548
A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...
PT-2026-44729
Name of the Vulnerable Software and Affected Versions compliance-trestle version 4.0.2 Description The profile import mechanism in the compliance-trestle library fails to perform boundary checks when resolving trestle:// URIs and relative file paths. By joining these paths with trestle root and...
GHSA-G3VG-VX23-3858 compliance-trestle Remote Fetching Mechanism has an Arbitrary File Write via Cache Path Traversal
Summary The compliance-trestle library's remote fetching cache mechanism HTTPSFetcher and SFTPFetcher constructs the local cache file path from the URL path component without sanitizing path traversal sequences ../. When a remote OSCAL profile references a URL with traversal in its path, the HTTP...
compliance-trestle Remote Fetching Mechanism has an Arbitrary File Write via Cache Path Traversal
Summary The compliance-trestle library's remote fetching cache mechanism HTTPSFetcher and SFTPFetcher constructs the local cache file path from the URL path component without sanitizing path traversal sequences ../. When a remote OSCAL profile references a URL with traversal in its path, the HTTP...
Directory Traversal
Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to Directory Traversal through remote cache fetching. An attacker can write arbitrary files to locations outside the intended cache...
EUVD-2021-0831
Malware in sbrugna...
CVE-2021-29435
trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows an attacker to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session. This potentially...
animalia (>=0.0.27 <=0.0.28), appyratus (>=3.0.3 <=3.0.4) +35 more potentially affected by CVE-2022-34749 via mistune (>=2.0.0a4 <=2.0.2)
mistune PYPI version =2.0.0a4, =0.0.27, =3.0.3, =0.1.0, =0.11.0, =0.20.7, =0.0.5, =0.0.13, =1.0.18, =0.0.1, =0.1.3 - datapackage-pipelines-spss =0.0.2a0 - embryo =3.0.1 and more Source cves: CVE-2022-34749 Source advisory: OSV:PYSEC-2022-237...
Cross-site Request Forgery (CSRF)
Overview trestle-auth is an authentication plugin for the Trestle admin framework. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF. An attacker can create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth adm...
Cross-site Request Forgery (CSRF)
trestle-auth is vulnerable to cross-site request forgery. An attacker is able to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session, allowing to alter protected data, including admin account credentials...