Skip to main content

onenote_parser CVE-2026-46671

MEDIUM
Path Traversal (CWE-22)
2026-05-21 https://github.com/msiemens/onenote.rs GHSA-4j5m-wc25-pvh7
4.4
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
4.4 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
Low

Lifecycle Timeline

2
Source Code Evidence Fetched
May 21, 2026 - 22:43 vuln.today
Analysis Generated
May 21, 2026 - 22:43 vuln.today

DescriptionGitHub Advisory

Impact

A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parse_notebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without validating that they are relative paths confined to that directory.

The parser will bail out when the target file fails to parse as a OneNote section, so direct content exfiltration through the parser's return value is not practical, though file-existence probing and denial-of-service via large or special files remain possible.

Anyone using onenote_parser to parse .onetoc2 files received from untrusted sources is affected. Users who only ever parse their own notebooks are not at meaningful risk.

Patches

Fixed in onenote_parser 1.1.1. The fix rejects absolute paths, parent-directory components, and other invalid path characters in entry names, and additionally canonicalises the resolved path to confirm it stays inside the notebook's base directory.

Workarounds

For users who cannot upgrade to 1.1.1:

  • Only call Parser::parse_notebook on .onetoc2 files from trusted sources.
  • Alternatively, use Parser::parse_section / Parser::parse_section_buffer on individual .one files, which do not perform the directory walk.

AnalysisAI

Path traversal in the Rust crate onenote_parser (versions before 1.1.1) enables an attacker who supplies a malicious .onetoc2 notebook table-of-contents file to direct Parser::parse_notebook to open arbitrary files on the host filesystem outside the intended notebook directory. While direct content exfiltration is constrained by the parser aborting when a target file fails to parse as a OneNote section, file-existence probing and denial-of-service via large or special files (e.g., named pipes, device nodes) remain viable attack outcomes. No public exploit has been identified and no confirmed active exploitation exists; vendor-released patch version 1.1.1, published 2026-05-15, resolves the issue.

Technical ContextAI

The onenote_parser Rust crate (pkg:rust/onenote_parser) implements parsing of Microsoft OneNote formats, including .onetoc2 table-of-contents files that enumerate section file entry names. The vulnerable Parser::parse_notebook function reads these entry names and appended them directly to the notebook's base directory path using PathBuf::push() without any validation that the result remained within that directory - a textbook CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) root cause. An attacker could supply entry names containing absolute paths (e.g., /etc/passwd), parent-directory components (../), or other traversal sequences to redirect the parser to arbitrary filesystem locations. The fix in commit c9267b2c96e2542be7e7b557d67318e81b733585 introduces a dedicated resolve_entry_path function that rejects absolute paths and ParentDir, RootDir, and Prefix path components, applies sanitise-file-name crate validation to each filename component, and then canonicalizes both the base directory and resolved candidate path to confirm via starts_with() that the result is genuinely contained within the notebook directory.

RemediationAI

Upgrade to onenote_parser 1.1.1, available on crates.io and confirmed via the CHANGELOG at https://github.com/msiemens/onenote.rs/blob/master/CHANGELOG.md#111---2026-05-15 and the fix commit at https://github.com/msiemens/onenote.rs/commit/c9267b2c96e2542be7e7b557d67318e81b733585. For users who cannot immediately upgrade: restrict Parser::parse_notebook calls to .onetoc2 files from verified trusted sources only, eliminating the untrusted-input attack surface with no functional trade-off for trusted-source use cases. Alternatively, replace notebook-level parsing with direct calls to Parser::parse_section or Parser::parse_section_buffer on individual .one files - these functions do not perform the directory walk and are unaffected by this vulnerability, but this workaround requires application-level refactoring and foregoes automatic notebook structure discovery via .onetoc2. Vendor advisory: https://github.com/msiemens/onenote.rs/security/advisories/GHSA-4j5m-wc25-pvh7.

Share

CVE-2026-46671 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy