Description
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard only inspects the literal URI.toString(), so a URL-encoded .. written as %2E%2E slips through. The downstream code then calls URI.getPath(), which decodes %2E%2E back to .., and the resulting path is handed to Paths.get(...) without normalization. The OS resolves the .. segments at open(2) time, so an authenticated user with a single execution can read any file the Kestra process has access to on the host filesystem (/etc/passwd, mounted secrets, other tenants' execution outputs, etc.). This vulnerability is fixed in 1.0.43 and 1.3.19.
Published: 2026-06-26
Score: 7.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Kestra's API allows a client to supply a kestra:// URI that is later checked by a storage guard which only examines the raw string representation. A '..' that arrives percent-encoded as %2E%2E never matches that string check, so the guard accepts it; URI.getPath() then decodes it back to a literal '..', and Paths.get(...) keeps that segment as-is. Because the path reaches the operating system without normalization, the kernel resolves the '..' segments at open(2) time, enabling a user who can trigger a single execution to read any file that the Kestra process can access, including system files, mounted secrets, or execution outputs belonging to other tenants. The primary impact is a confidentiality breach via arbitrary file disclosure; integrity and availability are not affected.
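The following Java snippet is an added illustration of the check-then-decode pattern described in the Description and Impact sections, together with the kind of post-decoding containment check the Recommended Actions ask for. It is not Kestra's code and does not reproduce StorageInterface.parentTraversalGuard or the project's fix; the storage root /srv/kestra, the kestra:///main/... paths and the method names are assumptions chosen for the demo.

```java
import java.net.URI;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.function.Supplier;

public class TraversalGuardDemo {
    // Assumed local storage root for this demo; Kestra's real base directory is configured elsewhere.
    static final Path BASE = Paths.get("/srv/kestra").toAbsolutePath().normalize();

    // Drop the leading '/' of the URI path so Path.resolve() treats it as relative to BASE.
    static String relativePart(URI uri) {
        String p = uri.getPath();
        return p.startsWith("/") ? p.substring(1) : p;
    }

    // Vulnerable pattern as the advisory describes it: the guard inspects URI.toString(),
    // which still carries the percent-encoding, so "%2E%2E" never matches "..".
    static Path resolveVulnerable(URI uri) {
        if (uri.toString().contains("..")) {
            throw new IllegalArgumentException("parent traversal rejected: " + uri);
        }
        // URI.getPath() percent-decodes, so "%2E%2E" is a plain ".." from here on, and
        // neither resolve() nor Paths.get() collapses it; the kernel does, at open(2).
        return BASE.resolve(relativePart(uri));
    }

    // Hardened pattern (added here, not Kestra's fix): decode, normalize, then require that
    // the resulting path is still inside BASE. The encoded string is never inspected at all.
    static Path resolveSafe(URI uri) {
        Path candidate = BASE.resolve(relativePart(uri)).normalize();
        if (!candidate.startsWith(BASE)) {
            throw new IllegalArgumentException("path escapes storage root: " + uri);
        }
        // For files that already exist, candidate.toRealPath() followed by a second
        // startsWith(BASE) also defeats symlinks planted under the root; it is omitted here
        // so the demo runs without a real directory tree.
        return candidate;
    }

    static void report(String label, Supplier<Path> resolver) {
        try {
            System.out.println("  " + label + " -> would open " + resolver.get());
        } catch (IllegalArgumentException e) {
            System.out.println("  " + label + " -> rejected (" + e.getMessage() + ")");
        }
    }

    public static void main(String[] args) {
        URI[] inputs = {
            URI.create("kestra:///main/flows/out.txt"),                   // legitimate object
            URI.create("kestra:///main/../../../etc/passwd"),             // plain "..": both guards reject
            URI.create("kestra:///main/%2E%2E/%2E%2E/%2E%2E/etc/passwd"), // encoded "..": old guard misses it
        };
        for (URI uri : inputs) {
            System.out.println(uri);
            System.out.println("  toString(): " + uri.toString());
            System.out.println("  getPath() : " + uri.getPath());
            report("vulnerable", () -> resolveVulnerable(uri));
            report("hardened  ", () -> resolveSafe(uri));
        }
    }
}
```

Run it with `java TraversalGuardDemo.java` (Java 11 or later). For the third input the vulnerable resolver returns /srv/kestra/main/../../../etc/passwd, which the kernel opens as /etc/passwd, while the hardened resolver normalizes the same input to /etc/passwd, sees that it no longer starts with /srv/kestra, and rejects it. Note that a guard patched to also match "%2E%2E" would still be wrong: it would miss the lowercase "%2e%2e" and any other encoding the URI parser accepts, which is why the check belongs after decoding and normalization.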

Affected Systems

Kestra, the open‑source event‑driven orchestration platform from kestra‑io, is affected. Releases before 1.0.43, and 1.3.x releases before 1.3.19, are vulnerable; 1.0.43 and 1.3.19 contain the fix. The flaw resides in the execution and namespace file API endpoints that accept client-supplied kestra:// URIs and read the referenced object from the local storage backend.

Risk and Exploitability

Its CVSS 3.1 score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) signals a high‑severity flaw: reachable over the network, low attack complexity, no user interaction, and only a low‑privilege authenticated account required. The scope is rated as changed because the read escapes the storage backend into the host filesystem, and the impact is confined to confidentiality (high), with no integrity or availability component. The EPSS score is not available and the vulnerability is not listed in CISA KEV, so current exploitation activity is unknown. However, the required conditions are minimal: an authenticated user with execution rights needs a single request containing a URL‑encoded traversal sequence, and because the open() call resolves the directory traversal in the kernel, any file readable by the Kestra process can be exfiltrated, such as /etc/passwd, mounted secrets, or other tenants' execution outputs. The lack of an EPSS value does not reduce this impact, and organizations that host Kestra, especially multi‑tenant deployments, should treat it as a high risk to confidentiality.

Generated by OpenCVE AI on June 26, 2026 at 22:38 UTC.

Remediation

The description names 1.0.43 and 1.3.19 as the fixed versions. No vendor advisory, reference, or interim workaround is linked on this page yet.

OpenCVE Recommended Actions

  • Upgrade Kestra to 1.0.43 (1.0.x line) or 1.3.19 (1.3.x line), or a later release on the respective line; these are the versions the description identifies as fixed.
  • If upgrading immediately is not possible, disable or restrict access to the execution and namespace file endpoints that accept kestra:// URIs, limiting exposure to users who genuinely need them.
  • Review and enforce strict access controls so that only trusted users can trigger executions. Any interim input validation must act on the decoded, normalized path (URI.getPath() followed by Path.normalize()) and confirm the result still lies under the storage root; string matching on the encoded URI is exactly the check this flaw bypasses, and a rule that only rejects the literal "%2E%2E" would still miss case variants such as "%2e%2e".


Advisories

No advisories yet.

History

Fri, 26 Jun 2026 21:30:00 +0000

Values added (nothing removed):
  • Description: the CVE description shown at the top of this page
  • Title: Kestra: Path traversal via URL-encoded "%2E%2E" in execution and namespace file endpoints allows arbitrary file read
  • Weaknesses: CWE-22
  • References: none
  • Metrics: cvssV3_1, score 7.7, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: n/a

Updated: 2026-06-26T20:57:13.891Z

Reserved: 2026-05-13T08:19:32.604Z

Link: CVE-2026-45807

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T22:45:05Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')