CVE-2026-45774
MEDIUM SEVERITYVulnerability Description
compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
pip
Product
compliance-trestle
External References
- https://github.com/oscal-compass/compliance-trestle/security/advisories/GHSA-mj4x-vf5c-5xg8
- https://github.com/oscal-compass/compliance-trestle/commit/5c65c5926fe7ca908b9c1d281f904e7d97ba8310
- https://github.com/oscal-compass/compliance-trestle/commit/d00a0c2f702c24f7016009fbd626036f5c46f47b
- https://github.com/advisories/GHSA-mj4x-vf5c-5xg8
Discussion (0)
Add Comment
No comments yet. Be the first!