CVE-2026-35167
Path Traversal in Kedro Versions Allows Unauthorized File Access
Publication date: 2026-04-06
Last updated on: 2026-04-14
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linuxfoundation | kedro | < 1.3.0 (1.3.0 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-35167 is a path traversal vulnerability in the Kedro Python package in versions prior to 1.3.0. The issue lies in the _get_versioned_path() method, which builds filesystem paths directly from user-supplied version strings without sanitizing them. Because the version string is used as a path component, a malicious value containing traversal sequences such as ../ can escape the intended versioned dataset directory.
The vulnerability is reachable through several entry points, including catalog.load(..., version=...), DataCatalog.from_config(..., load_versions=...), and the CLI command kedro run --load-versions=dataset:../../../secrets. An attacker who controls the version string can make Kedro load files from arbitrary locations outside the designated directory.
How can this vulnerability impact me?
An attacker exploiting this vulnerability can force Kedro to load files from outside the intended version directory, which can lead to unauthorized file reads, data poisoning, or cross-tenant data access in shared or multi-tenant environments.
This means sensitive files could be exposed, data integrity could be compromised, and data from other tenants or users could be accessed improperly.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether a Kedro version prior to 1.3.0 is installed and whether any version strings passed to dataset loading functions or CLI commands contain path traversal sequences such as '../'.
Specifically, look for uses of the following entry points with suspicious version strings:
- catalog.load(..., version=...)
- DataCatalog.from_config(..., load_versions=...)
- CLI commands like kedro run --load-versions=dataset:../../../secrets
To detect exploitation attempts or the presence of unsafe version strings, search your codebase, shell history, and logs for version parameters containing '../' or absolute paths.
Example commands to detect such patterns include:
- grep -r "version=.*\.\./" /path/to/kedro/project
- grep -r "--load-versions=.*\.\./" /path/to/kedro/project
- Review logs for suspicious file access outside expected directories.
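The grep patterns above only catch the literal '../' form. The following added example (not part of the original advisory or of Kedro itself) implements the same detection idea as a small scanner that can be run over log lines, shell history, or pipeline source: it extracts version values from the two entry points named above (the `version=` keyword argument and the `--load-versions=dataset:version` CLI option, including comma-separated pairs) and flags any value that contains '..', a path separator, or looks like an absolute path. The sample lines are constructed for this example; the function and regex names are this example's own.

```python
import re
from typing import List, Optional, Tuple

# Extractors for the two entry points named in the advisory.
# --load-versions=cars:2026-04-06T10.00.00.000Z,bikes:2026-04-05T09.00.00.000Z
LOAD_VERSIONS_RE = re.compile(r"--load-versions[= ](\S+)")
# catalog.load("cars", version="2026-04-06T10.00.00.000Z")
VERSION_KWARG_RE = re.compile(r"""\bversion\s*=\s*(['"])(.*?)\1""")


def suspicious_reason(version: str) -> Optional[str]:
    """Return why a version value is unsafe as a path component, or None if it looks fine."""
    if version.startswith("/") or re.match(r"^[A-Za-z]:", version):
        return "absolute path"
    if ".." in version:
        return "contains '..'"
    if "/" in version or "\\" in version:
        return "contains a path separator"
    return None


def extract_versions(line: str) -> List[Tuple[str, str]]:
    """Pull (dataset, version) pairs out of one line of source, log, or shell history."""
    found: List[Tuple[str, str]] = []
    for m in LOAD_VERSIONS_RE.finditer(line):
        for pair in m.group(1).split(","):
            dataset, sep, version = pair.partition(":")
            if sep:
                found.append((dataset, version))
    for m in VERSION_KWARG_RE.finditer(line):
        # The keyword form does not name the dataset on the same token.
        found.append(("<kwarg>", m.group(2)))
    return found


def scan_lines(lines: List[str]) -> List[Tuple[int, str, str, str]]:
    """Return (line_number, dataset, version, reason) for every suspicious version found."""
    hits: List[Tuple[int, str, str, str]] = []
    for lineno, line in enumerate(lines, start=1):
        for dataset, version in extract_versions(line):
            reason = suspicious_reason(version)
            if reason is not None:
                hits.append((lineno, dataset, version, reason))
    return hits


# Constructed sample lines (not taken from any real system). Lines 2, 4 and 5
# carry the kind of value this advisory describes; the others are benign.
SAMPLE_LINES = [
    "kedro run --load-versions=cars:2026-04-06T10.00.00.000Z",
    "kedro run --load-versions=cars:../../../secrets",
    'catalog.load("cars", version="2026-04-06T10.00.00.000Z")',
    'catalog.load("cars", version="/etc/passwd")',
    "kedro run --load-versions=cars:2026-04-06T10.00.00.000Z,bikes:../../secrets",
    "[INFO] Loading data from cars (CSVDataset)...",
]

if __name__ == "__main__":
    for lineno, dataset, version, reason in scan_lines(SAMPLE_LINES):
        print(f"line {lineno}: dataset={dataset!r} version={version!r} ({reason})")
```

To use it on real input, replace `SAMPLE_LINES` with the lines of the files you would otherwise grep; the scanner deliberately flags backslashes and drive-letter prefixes as well, so Windows-style traversal attempts are not missed by a pattern that only looks for '../'.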
What immediate steps should I take to mitigate this vulnerability?
The primary immediate step to mitigate this vulnerability is to upgrade Kedro to version 1.3.0 or later, where the issue has been fixed.
If upgrading is not immediately possible, validate every version string before it reaches DataCatalog or the CLI, rejecting values that contain path traversal sequences (such as '..'), path separators, or absolute paths.
This validation stops malicious inputs from escaping the intended versioned dataset directory and loading unauthorized files.
Additionally, review and restrict who can influence version strings to reduce the risk of exploitation.
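As an added illustration of the interim mitigation described above (this is example code written for this page, not Kedro's own implementation or its fix), the block below contrasts the shape of the flaw with a hardened path builder. `unsafe_versioned_path` mimics how a raw version string becomes a path component; `safe_versioned_path` first runs `validate_version`, which rejects '..', separators and absolute paths and additionally allowlists Kedro-style timestamp versions, then normalizes the result and confirms it still sits under the dataset directory. The timestamp regex, the function names and the `/data/01_raw/cars.csv` sample path are this example's assumptions; pure POSIX paths are used so the check is deterministic and needs no files on disk.

```python
import posixpath
import re
from pathlib import PurePosixPath
from typing import Dict

# Allowlist assumed by this example: Kedro-style timestamp versions such as
# 2026-04-06T10.00.00.000Z. Widen it only if your project legitimately uses
# other version labels; an allowlist is safer than a denylist of bad characters.
VERSION_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}\.\d{2}\.\d{2}\.\d{3}Z$")


def validate_version(version: str) -> str:
    """Return the version unchanged if it is safe to use as a single path component."""
    if not isinstance(version, str) or not version:
        raise ValueError("version must be a non-empty string")
    if "\x00" in version:
        raise ValueError("version contains a NUL byte")
    if ".." in version:
        raise ValueError(f"version {version!r} contains a traversal sequence")
    if "/" in version or "\\" in version:
        raise ValueError(f"version {version!r} contains a path separator")
    if version.startswith("/") or re.match(r"^[A-Za-z]:", version):
        raise ValueError(f"version {version!r} looks like an absolute path")
    if not VERSION_RE.fullmatch(version):
        raise ValueError(f"version {version!r} is not a Kedro-style timestamp")
    return version


def is_safe_version(version: str) -> bool:
    """Boolean wrapper for callers that only need a yes/no answer."""
    try:
        validate_version(version)
        return True
    except ValueError:
        return False


def validate_load_versions(load_versions: Dict[str, str]) -> Dict[str, str]:
    """Validate every value of a load_versions mapping before handing it to DataCatalog."""
    return {dataset: validate_version(version) for dataset, version in load_versions.items()}


def unsafe_versioned_path(base: str, version: str) -> PurePosixPath:
    """Shape of the flaw: the raw version string is spliced in as a path component."""
    filepath = PurePosixPath(base)
    return filepath / version / filepath.name


def safe_versioned_path(base: str, version: str) -> PurePosixPath:
    """Validate the version, normalize the path, and confirm it stays under the dataset dir.

    posixpath.normpath collapses '.' and '..' lexically; on a real filesystem
    also resolve symlinks (Path.resolve) before the containment check.
    """
    filepath = PurePosixPath(base)
    joined = filepath / validate_version(version) / filepath.name
    candidate = PurePosixPath(posixpath.normpath(str(joined)))
    # Defense in depth: even a validator gap must not let the path escape.
    if filepath not in candidate.parents:
        raise ValueError(f"resolved path {candidate} escaped {filepath}")
    return candidate


if __name__ == "__main__":
    base = "/data/01_raw/cars.csv"
    bad = "../../../secrets"
    print("unsafe:", posixpath.normpath(str(unsafe_versioned_path(base, bad))))
    print("safe:  ", safe_versioned_path(base, "2026-04-06T10.00.00.000Z"))
    try:
        safe_versioned_path(base, bad)
    except ValueError as exc:
        print("rejected:", exc)
```

Run stand-alone, the script shows the unsafe builder normalizing to a file under /secrets, while the hardened builder raises on the same input and returns the expected versioned path for a well-formed timestamp.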
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows an attacker to use path traversal sequences in version strings to access files outside the intended dataset directory. This can lead to unauthorized file reads, data poisoning, or cross-tenant data access in shared environments.
Such unauthorized access to sensitive or personal data could result in violations of data protection regulations and standards like GDPR or HIPAA, which require strict controls on data confidentiality and access.
Therefore, if exploited, this vulnerability could compromise compliance by exposing protected data to unauthorized parties.