PT-2026-44730 · Pypi · Compliance-Trestle

Published

2026-05-28

·

Updated

2026-05-28

·

CVE-2026-46345

CVSS v3.1

8.4

High

VectorAV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Relevant Products/Components:
  • trestle/core/commands/author/jinja.py
  • trestle author jinja

Detailed Description:

The -o/--output argument in trestle author jinja allows writing files outside the intended workspace.
The application does not properly validate:
  • ../
  • ..
  • absolute paths
This allows arbitrary file write to attacker-controlled locations.
Vulnerable code:
python
output file = trestle root / r output file
An attacker can overwrite files such as:
  • .github/workflows/*.yml
  • .git/hooks/*
  • user writable config files
This can lead to CI/CD compromise or local code execution.

Steps To Reproduce:

  1. Clone the repository:
bash
git clone https://github.com/oscal-compass/compliance-trestle.git
cd compliance-trestle
  1. Create template:
bash
echo "hello" > template.j2
  1. Run:
powershell
trestle author jinja -i template.j2 -o "subdir..........poc.txt"
  1. Observe:
powershell
dir E:poc.txt
The file is written outside the repository workspace.

Browsers Verified In:

Not browser related.
Tested on:
  • Windows 11
  • Python 3.13

Supporting Material/References:

Affected file:
text
trestle/core/commands/author/jinja.py
Successfully verified:
  • directory traversal using ../
  • Windows traversal using ..
  • arbitrary file write outside workspace

Access Vector Required for Exploitation:

Local

Vulnerability Exists in Default Configuration?:

Yes

Is the exploitation trivial or does it involve a multi-step process that may depend on user/victim interaction?:

Trivial. Single command execution.

Exploitation Requires Authentication?:

No

Under what privileges does the vulnerable service or component run?:

Runs with privileges of the user executing the trestle command.

Impact

An attacker can write files outside the intended workspace directory and overwrite sensitive files writable by the current user.
Possible impacts include:
  • overwriting .github/workflows/*.yml to execute attacker-controlled GitHub Actions workflows
  • overwriting .git/hooks/* for local code execution
  • modifying user configuration files such as .bashrc
  • tampering with repository files and generated compliance artifacts
In CI/CD environments, this may result in execution of attacker-controlled commands on build runners.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-36CWE-73CWE-22

Related Identifiers

CVE-2026-46345
GHSA-4Q5V-7G7X-J79W

Affected Products

Compliance-Trestle