Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Network API reachable (AV:N) with simple encoded-traversal payload (AC:L), requires a low-privilege authenticated execution account (PR:L), no interaction; reads host/cross-tenant files beyond the storage authority (S:C, C:H) with no integrity or availability impact.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard only inspects the literal URI.toString(), so a URL-encoded .. written as %2E%2E slips through. The downstream code then calls URI.getPath(), which decodes %2E%2E back to .., and the resulting path is handed to Paths.get(...) without normalization. The OS resolves the .. segments at open(2) time, so an authenticated user with a single execution can read any file the Kestra process has access to on the host filesystem (/etc/passwd, mounted secrets, other tenants' execution outputs, etc.). This vulnerability is fixed in 1.0.43 and 1.3.19.
AnalysisAI
Arbitrary file read in Kestra orchestration platform (versions prior to 1.0.43 and 1.3.19) lets an authenticated user with execution privileges read any file accessible to the Kestra process via a URL-encoded path-traversal in kestra:// storage URIs. The parentTraversalGuard checks only the literal URI string, so %2E%2E bypasses it before URI.getPath() decodes it back to '..', exposing /etc/passwd, mounted secrets, and other tenants' execution outputs. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated Kestra account with privileges to create or run at least one execution (CVSS PR:L), and the target instance must be running a vulnerable version (prior to 1.0.43 or 1.3.19) using the local storage backend that resolves kestra:// URIs through StorageInterface.parentTraversalGuard. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS:3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N = 7.7 High) indicates a network-reachable, low-complexity attack requiring only low privileges and no user interaction, with high confidentiality impact and a scope change - consistent with the description's claim that any authenticated user with one execution can read host files and cross tenant boundaries. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who holds a low-privilege Kestra account creates or triggers an execution and submits a kestra:// URI containing a URL-encoded traversal such as kestra://...%2E%2E%2E%2E/etc/passwd; the guard passes the literal string but URI.getPath() decodes it, and the OS resolves the '..' to read the target file. The same technique reads mounted Kubernetes/Docker secrets or other tenants' execution outputs, exfiltrating credentials usable for further compromise. … |
| Remediation | Upgrade to a patched release: Kestra 1.0.43 for the 1.0.x branch or 1.3.19 for the 1.3.x branch (Vendor-released patch: 1.0.43 and 1.3.19), as documented in advisory GHSA-3529-p4wf-xp79 (https://github.com/kestra-io/kestra/security/advisories/GHSA-3529-p4wf-xp79). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify and document all Kestra deployments and their current versions. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Kestra versions 1.1.10 and earlier allow authenticated users to perform cross-site scripting (XSS) attacks through the e
Unauthenticated remote code execution affects Kestra OSS (the open-source event-driven orchestration platform) prior to
Unauthenticated remote code execution in Kestra orchestration platform before 1.0.45 and 1.3.21 lets anonymous attackers
Offline administrator password recovery in Kestra OSS (versions prior to 1.3.24) stems from its BasicAuth component stor
Authenticated path traversal in Kestra's local internal-storage backend (versions prior to 1.0.45 and 1.3.23) lets any l
Cross-site scripting in Kestra orchestration platform versions up to 1.3.3 enables authenticated flow authors to inject
Path traversal in Kestra's `inputFiles` task mechanism allows remote attackers to write arbitrary files to the worker fi
Unauthorized file read in Kestra's execution preview API allows any authenticated tenant user to access output files fro
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39921