CVE-2023-0591: Path traversal in ubi-reader
CVSS Score: 5.5 (CVSS v3.1)
Basic Information
CVE ID: CVE-2023-0591
GHSA ID
EPSS Score: 0.47317%
CWE
Published: 1/31/2023
Updated: 11/18/2024
KEV Status: No
Technology: Python
Technical Details
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| ubi-reader | pip | < 0.8.5 | 0.8.5 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from how dent_node.name was handled in extract_dents. The pre-patch code joined the node name (dent_node.name, read from the image being extracted and therefore under the control of whoever crafted that image) to the output directory without sanitization, so a name containing path separators or parent-directory components could place a file outside the intended output tree. The commit diff shows the fix: an is_safe_path check added specifically in extract_dents, which confirms this as the vulnerable function. The CVE description explicitly cites node name handling as the root cause, and the patch changes this function's logic to add that check.
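To make the root cause concrete, here is an added Python illustration of the unchecked join beside a containment check of the kind the patch introduced. This is example code written for this page, not ubi-reader's own source: the function names is_safe_path and extract_dents are borrowed from the advisory, but their bodies, the writer hook and the sample dent names are assumptions constructed here.

```python
"""Path-traversal check for directory-entry names read from an untrusted
filesystem image.  Illustration only: the bodies below are assumptions
written for this example, not ubi-reader's actual implementation."""
import os

# Constructed sample of dent names as a crafted image might present them.
SAMPLE_DENTS = [
    "etc/fstab",             # benign relative name
    "../../../tmp/evil",     # dot-dot traversal out of the output tree
    "/etc/passwd",           # absolute name: os.path.join discards the base
    "sub/../../escape",      # traversal hidden behind a benign first component
]


def unsafe_target(out_dir, name):
    """Pre-patch behaviour: the name is joined to the output path as-is."""
    return os.path.join(out_dir, name)


def is_safe_path(out_dir, name):
    """True only if out_dir/name resolves to a location inside out_dir.

    realpath() collapses '..' and follows any symlinks that already exist;
    commonpath() avoids the prefix bug where '/out2' would satisfy a naive
    startswith('/out') check."""
    base = os.path.realpath(out_dir)
    target = os.path.realpath(os.path.join(base, name))
    try:
        return os.path.commonpath([base, target]) == base
    except ValueError:  # e.g. different drives on Windows
        return False


def extract_dents(out_dir, names, writer=None):
    """Patched behaviour: reject unsafe names before any filesystem write.

    Returns (written, rejected) so a caller can log what was skipped.
    `writer` is a hypothetical hook for the real extraction; default no-op."""
    written, rejected = [], []
    for name in names:
        if not is_safe_path(out_dir, name):
            rejected.append(name)
            continue
        if writer is not None:
            writer(os.path.join(out_dir, name))
        written.append(name)
    return written, rejected


if __name__ == "__main__":
    out = "/tmp/ubi_out"
    for n in SAMPLE_DENTS:
        print(f"{n!r:22} unchecked -> {unsafe_target(out, n)!r:28} safe={is_safe_path(out, n)}")
    print(extract_dents(out, SAMPLE_DENTS))
```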