Description
A vulnerability in Kedro version 1.2.0 allows an attacker to exploit path traversal by providing a crafted version string. The `_get_versioned_path()` method in `kedro/io/core.py` directly interpolates user-supplied version strings into filesystem paths without sanitization. This enables an attacker to escape the intended versioned dataset directory and access files outside the expected path. The issue is also reachable through the CLI via the `--load-versions` parameter, as `_split_load_versions()` in `kedro/framework/cli/utils.py` does not validate the version string. This vulnerability can lead to unauthorized file reads, data poisoning, cross-project or cross-tenant data access, and broader downstream impacts in environments where Kedro is used with automation or orchestration layers.
Published: 2026-06-12
Score: 7.1 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path‑traversal flaw exists in Kedro version 1.2.0 where the version supplied to the CLI or the internal _get_versioned_path function is interpolated directly into a filesystem path without validation. The vulnerability allows an attacker to craft a version string that includes directory‑traversal sequences, enabling reads of files outside the intended dataset directory. This can lead to data leakage, corruption or poisoning, and cross‑project or cross‑tenant information exposure in automated or orchestrated pipelines.

Affected Systems

The affected product is Kedro from kedro-org. Version 1.2.0 is vulnerable. No other versions are listed as affected in the current data.

Risk and Exploitability

The CVSS score of 7.1 indicates a high severity of this flaw. Because the EPSS score is not available, the current exploitation likelihood cannot be quantified, and the vulnerability is not present in the CISA KEV catalog. The attack vector is inferred to be local or remote, depending on who can supply the version parameter – the CLI parameter "--load-versions" exposes an attacker to the ability to embed traversal components when invoking Kedro commands. No known exploit code or public proof of concept is reported in the references. The weakness is classified as CWE-22 (Path Traversal).

Generated by OpenCVE AI on June 12, 2026 at 18:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Kedro to the latest version that contains the path‑traversal fix.
  • If an upgrade cannot be performed immediately, patch the Kedro source by adding input validation to _get_versioned_path() that rejects any path walking sequences such as ".." or leading slashes.
  • Modify the CLI helper _split_load_versions() to only accept strictly sanitized version strings (e.g., only alphanumerics, dashes and dots) before using them to construct a file path.

Generated by OpenCVE AI on June 12, 2026 at 18:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Kedro-org
Kedro-org kedro
Vendors & Products Kedro-org
Kedro-org kedro

Fri, 12 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 12 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description A vulnerability in Kedro version 1.2.0 allows an attacker to exploit path traversal by providing a crafted version string. The `_get_versioned_path()` method in `kedro/io/core.py` directly interpolates user-supplied version strings into filesystem paths without sanitization. This enables an attacker to escape the intended versioned dataset directory and access files outside the expected path. The issue is also reachable through the CLI via the `--load-versions` parameter, as `_split_load_versions()` in `kedro/framework/cli/utils.py` does not validate the version string. This vulnerability can lead to unauthorized file reads, data poisoning, cross-project or cross-tenant data access, and broader downstream impacts in environments where Kedro is used with automation or orchestration layers.
Title Path Traversal in kedro-org/kedro
Weaknesses CWE-22
References
Metrics cvssV3_0

{'score': 7.1, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Subscriptions

Kedro-org Kedro
cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published:

Updated: 2026-06-12T17:20:41.923Z

Reserved: 2026-03-09T16:04:48.887Z

Link: CVE-2026-3840

cve-icon Vulnrichment

Updated: 2026-06-12T17:20:33.108Z

cve-icon NVD

Status : Received

Published: 2026-06-12T17:16:22.603

Modified: 2026-06-12T18:16:33.480

Link: CVE-2026-3840

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-12T20:19:35Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')