+ "details": "**Relevant Products/Components:**\n\n* `trestle/core/commands/author/jinja.py`\n* `trestle author jinja`\n\n---\n\n## Detailed Description:\n\nThe `-o/--output` argument in `trestle author jinja` allows writing files outside the intended workspace.\n\nThe application does not properly validate:\n\n* `../`\n* `..\\`\n* absolute paths\n\nThis allows arbitrary file write to attacker-controlled locations.\n\nVulnerable code:\n\n```python\noutput_file = trestle_root / r_output_file\n```\n\nAn attacker can overwrite files such as:\n\n* `.github/workflows/*.yml`\n* `.git/hooks/*`\n* user writable config files\n\nThis can lead to CI/CD compromise or local code execution.\n\n---\n\n## Steps To Reproduce:\n\n1. Clone the repository:\n\n```bash\ngit clone https://github.com/oscal-compass/compliance-trestle.git\ncd compliance-trestle\n```\n\n2. Create template:\n\n```bash\necho \"hello\" > template.j2\n```\n\n3. Run:\n\n```powershell\ntrestle author jinja -i template.j2 -o \"subdir\\..\\..\\..\\..\\..\\poc.txt\"\n```\n\n4. Observe:\n\n```powershell\ndir E:\\poc.txt\n```\n\nThe file is written outside the repository workspace.\n\n---\n\n## Browsers Verified In:\n\nNot browser related.\n\nTested on:\n\n* Windows 11\n* Python 3.13\n\n---\n\n## Supporting Material/References:\n\nAffected file:\n\n```text\ntrestle/core/commands/author/jinja.py\n```\n\nSuccessfully verified:\n\n* directory traversal using `../`\n* Windows traversal using `..\\`\n* arbitrary file write outside workspace\n\n---\n\n## Access Vector Required for Exploitation:\n\nLocal\n\n---\n\n## Vulnerability Exists in Default Configuration?:\n\nYes\n\n---\n\n## Is the exploitation trivial or does it involve a multi-step process that may depend on user/victim interaction?:\n\nTrivial.\nSingle command execution.\n\n---\n\n## Exploitation Requires Authentication?:\n\nNo\n\n---\n\n## Under what privileges does the vulnerable service or component run?:\n\nRuns with privileges of the user executing the `trestle` command.\n\n## Impact\n\nAn attacker can write files outside the intended workspace directory and overwrite sensitive files writable by the current user.\n\nPossible impacts include:\n\n* overwriting `.github/workflows/*.yml` to execute attacker-controlled GitHub Actions workflows\n* overwriting `.git/hooks/*` for local code execution\n* modifying user configuration files such as `.bashrc`\n* tampering with repository files and generated compliance artifacts\n\nIn CI/CD environments, this may result in execution of attacker-controlled commands on build runners.",
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments