CVE-2026-45774: compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal
The compliance-trestle library’s profile import mechanism resolves trestle:// URIs and relative file paths by joining them with trestle_root and calling .resolve(), but performs no boundary check to ensure the resolved path stays within the trestle workspace. An attacker can craft a malicious OSCAL profile YAML with imports[].href containing path traversal sequences to read arbitrary files from the server filesystem.
Three attack vectors confirmed:
- PT-001:
trestle://../../etc/passwd— via trestle:// URI scheme - PT-002:
../../etc/passwd— via relative path in href - PT-003: back_matter rlinks with traversal paths
Preconditions: Victim must import/resolve an attacker-controlled OSCAL profile YAML.
References
- github.com/advisories/GHSA-mj4x-vf5c-5xg8
- github.com/oscal-compass/compliance-trestle/commit/5c65c5926fe7ca908b9c1d281f904e7d97ba8310
- github.com/oscal-compass/compliance-trestle/commit/d00a0c2f702c24f7016009fbd626036f5c46f47b
- github.com/oscal-compass/compliance-trestle/security/advisories/GHSA-mj4x-vf5c-5xg8
- nvd.nist.gov/vuln/detail/CVE-2026-45774
Code Behaviors & Features
Detect and mitigate CVE-2026-45774 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →