CVE-2026-35492
MEDIUMSeverity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
3DescriptionGitHub Advisory
Impact
PartitionedDataset in kedro-datasets was vulnerable to path traversal. Partition IDs were concatenated directly with the dataset base path without validation. An attacker or malicious input containing .. components in a partition ID could cause files to be written outside the configured dataset directory, potentially overwriting arbitrary files on the filesystem. Users of PartitionedDataset with any storage backend (local filesystem, S3, GCS, etc.) are affected.
Patches
Yes. The vulnerability has been patched in kedro-datasets version 9.3.0. Users should upgrade to kedro-datasets >= 9.3.0. The fix normalizes constructed paths using posixpath.normpath and validates that the resolved path remains within the dataset base directory before use, raising a DatasetError if the path escapes the base directory.
Workarounds
Users who cannot upgrade should validate partition IDs before passing them to PartitionedDataset, ensuring they do not contain .. path components.
References
Fix: https://github.com/kedro-org/kedro-plugins/pull/1346 Report: https://github.com/kedro-org/kedro/issues/5452
AnalysisAI
Path traversal in kedro-datasets PartitionedDataset allows authenticated attackers to write files outside the configured dataset directory by injecting .. components into partition IDs, potentially overwriting arbitrary files on affected systems. The vulnerability affects all versions prior to 9.3.0 across all storage backends (local filesystem, S3, GCS, etc.). A vendor-released patch is available; no public exploit code or active exploitation has been identified at the time of analysis.
Technical ContextAI
PartitionedDataset in kedro-datasets (pkg:pip/kedro-datasets) concatenates partition IDs directly with the dataset base path without proper validation, creating a path traversal vulnerability (CWE-22). The underlying issue stems from insufficient input sanitization: partition IDs containing path traversal sequences (such as ..) are not normalized or validated before path construction. This allows an attacker to construct malicious partition identifiers that, when concatenated with the base directory path, resolve to locations outside the intended dataset directory. The vulnerability exists across all storage backends because the path construction and validation logic is implemented at the library level before backend-specific operations occur.
RemediationAI
Vendor-released patch: upgrade to kedro-datasets version 9.3.0 or later. The patched version normalizes constructed paths using posixpath.normpath and validates that resolved paths remain within the dataset base directory, raising a DatasetError if path escape is attempted. For users unable to upgrade immediately, validate partition IDs before passing them to PartitionedDataset, ensuring they do not contain .. or other path traversal sequences. Refer to the GitHub advisory at https://github.com/advisories/GHSA-cjg8-h5qc-hrjv and the patch details at https://github.com/kedro-org/kedro-plugins/pull/1346 for implementation guidance. The fix commit 65115f76b872217317734b6bde8927170c98fc4b can be reviewed for exact code changes.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-cjg8-h5qc-hrjv