PT-2026-44729 · Pypi · Compliance-Trestle

Published: 2026-05-28 · Updated: 2026-05-28 · CVE-2026-45774

CVSS v4.0: 5.4 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Name of the Vulnerable Software and Affected Versions: compliance-trestle version 4.0.2
Description: The profile import mechanism in the compliance-trestle library performs no boundary check when resolving trestle:// URIs and relative file paths. Because these paths are joined with the trestle root and then passed to .resolve(), the resulting path can lie outside the intended trestle workspace. An attacker can exploit this by supplying a malicious OSCAL profile YAML whose imports[].href value contains path traversal sequences, and thereby read arbitrary files from the server filesystem. Three vectors exist: the trestle:// URI scheme, relative paths in href, and back matter rlinks containing traversal paths. If a malicious profile is imported from a public catalog, this issue can lead to credential theft, system reconnaissance, or supply chain attacks.
Recommendations: For version 4.0.2, add a boundary check in the LocalFetcher class using is_relative_to(self._trestle_root) after the path has been resolved, so that the resolved path is guaranteed to remain within the trestle root. Apply this check to both trestle:// URI handling and relative path handling. Additionally, enforce the TRESTLE_HREF_REGEX validation to restrict the allowed URI formats.
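As an added illustration of the recommended fix (example code written for this page, not compliance-trestle's own LocalFetcher), the following contrasts an unchecked join-and-resolve with a resolver that first validates the href format and then confirms the resolved path with Path.is_relative_to. The workspace root, href values and the SAFE_HREF_RE pattern are constructed assumptions; the project's real TRESTLE_HREF_REGEX is not reproduced.

```python
import re
from pathlib import Path

TRESTLE_SCHEME = 'trestle://'
# Hypothetical stand-in for the project's TRESTLE_HREF_REGEX (constructed here):
# optional trestle:// prefix, no leading '/', and no '..' path segment.
SAFE_HREF_RE = re.compile(
    r'^(?:trestle://)?(?!/)(?:(?!\.\.(?:/|$))[^/]+/)*(?!\.\.(?:/|$))[^/]+$')


def _strip_scheme(href: str) -> str:
    return href[len(TRESTLE_SCHEME):] if href.startswith(TRESTLE_SCHEME) else href


def resolve_href_unchecked(trestle_root, href: str) -> Path:
    """Vulnerable pattern described in the advisory: join with the root and
    call resolve(), trusting whatever the href says."""
    return (Path(trestle_root) / _strip_scheme(href)).resolve()


def resolve_href_checked(trestle_root, href: str) -> Path:
    """Hardened pattern: reject malformed hrefs up front, then confirm the
    resolved path (symlinks already followed by resolve()) is still inside
    the trestle root. Path.is_relative_to needs Python 3.9+."""
    if not SAFE_HREF_RE.match(href):
        raise ValueError(f'href rejected by format check: {href!r}')
    root = Path(trestle_root).resolve()
    resolved = (root / _strip_scheme(href)).resolve()
    if not resolved.is_relative_to(root):
        raise ValueError(f'href escapes trestle root: {href!r} -> {resolved}')
    return resolved


def escapes_root(trestle_root, href: str) -> bool:
    """True if the unchecked resolver would land outside the workspace."""
    root = Path(trestle_root).resolve()
    return not resolve_href_unchecked(root, href).is_relative_to(root)


def href_is_rejected(trestle_root, href: str) -> bool:
    """True if the hardened resolver refuses the href."""
    try:
        resolve_href_checked(trestle_root, href)
    except ValueError:
        return True
    return False


if __name__ == '__main__':
    ws = '/tmp/trestle-ws'  # constructed workspace root; it need not exist
    for href in ('trestle://profiles/base.json', '../../../etc/passwd'):
        print(href, 'escapes:', escapes_root(ws, href),
              'rejected:', href_is_rejected(ws, href))
```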

Fix

Weakness Enumeration: Path traversal

Related Identifiers: CVE-2026-45774, GHSA-MJ4X-VF5C-5XG8

Affected Products: Compliance-Trestle