Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
4Blast Radius
ecosystem impact- 179 pypi packages depend on scitokens (7 direct, 174 indirect)
Ecosystem-wide dependent count for version 1.9.7.
DescriptionGitHub Advisory
SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot (..) in the scope claim of a token to escape the intended directory restriction. This occurs because the library normalizes both the authorized path (from the token) and the requested path (from the application) before comparing them using startswith. This issue has been patched in version 1.9.7.
AnalysisAI
Path traversal in SciTokens library (all versions before 1.9.7) allows authenticated attackers to bypass directory access restrictions and access unauthorized files. Attackers can inject dot-dot-slash sequences (..) into JWT scope claims to escape intended authorization boundaries due to improper path normalization during enforcement checks. CVSS 8.1 (High) with network attack vector and low complexity. EPSS data not available; no confirmed active exploitation (CISA KEV) identified at time of analysis, though publicly available exploit code exists via GitHub advisory and commit references.
Technical ContextAI
SciTokens is a token-based authorization library commonly used in scientific computing and distributed data systems for fine-grained access control to files and resources. The Enforcer component validates JWT tokens containing scope claims that specify authorized paths (e.g., 'read:/data/project1'). The vulnerability (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) arises from the library's path comparison logic: both the authorized path extracted from the token's scope claim and the application-requested path undergo normalization before a simple 'startswith' comparison. An attacker with valid credentials (PR:L in CVSS vector) can craft a token with scope claims containing path traversal sequences like 'read:/data/project1/../../sensitive' which, after normalization, can match or bypass the intended directory prefix check, granting access to files outside the authorized scope. The affected product is identified as cpe:2.3:a:scitokens:scitokens:*:*:*:*:*:*:*:* covering all versions prior to the patched release.
RemediationAI
Upgrade to SciTokens version 1.9.7 or later immediately, as confirmed by the vendor release announcement at https://github.com/scitokens/scitokens/releases/tag/v1.9.7. The patch in commit 2d1cc9e42bc944fe0bbc429b85d166e7156d53f9 (available at https://github.com/scitokens/scitokens/commit/2d1cc9e42bc944fe0bbc429b85d166e7156d53f9) implements proper path validation that prevents traversal sequences from bypassing directory restrictions. Organizations should audit all deployments using SciTokens for authorization, prioritizing internet-facing services and those protecting sensitive data. Review issued tokens for suspicious scope claims containing dot-dot sequences as potential indicators of exploitation attempts. If immediate upgrade is not feasible, implement additional input validation at the application layer to reject tokens with non-normalized paths or traversal sequences in scope claims, though this workaround is inferior to applying the vendor patch. Consult the GitHub security advisory at https://github.com/scitokens/scitokens/security/advisories/GHSA-3x2w-63fp-3qvw and pull request #230 at https://github.com/scitokens/scitokens/pull/230 for additional technical context.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allVendor StatusVendor
SUSE
Severity: HighShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17292
GHSA-3x2w-63fp-3qvw