Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Network endpoint with low complexity, requires only the lowest authenticated role (PR:L); reading files outside the storage sandbox and across tenants is a scope change (S:C) with confidentiality-only impact.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past the guard using backslashes (..\..\..\); the guard sees a harmless string, and the path is only rewritten to ../../../ after validation, immediately before the file is opened. Any authenticated user who can view an execution (the lowest-privilege role) can call GET /api/v1/{tenant}/executions/{executionId}/file?path=… and read any file on the server filesystem readable by the Kestra process, outside the storage sandbox and across every tenant and namespace. This includes the embedded H2 database (all flows, all users, all stored secrets), internal storage of every other tenant/namespace, mounted secret files, and the process environment (/proc/self/environ) which contains configured database and secret-backend credentials. It is a complete breach of Kestra's storage isolation and multi-tenancy boundary. This vulnerability is fixed in 1.0.45 and 1.3.23.
AnalysisAI
Authenticated path traversal in Kestra's local internal-storage backend (versions prior to 1.0.45 and 1.3.23) lets any low-privilege user with execution-view access read arbitrary files on the host. The flaw stems from validation ordering: the guard checks for '..' sequences before backslashes are normalized to forward slashes, so a Windows-style '..\..\..\' payload bypasses the check and is rewritten to a real traversal only after validation. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated account with at least the execution-view role (the lowest-privilege role per CVSS PR:L) and a target Kestra instance configured to use the local internal-storage backend, which is what serves files through the GET /api/v1/{tenant}/executions/{executionId}/file endpoint. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (base 7.7, High) is internally consistent with the description: network-reachable, low complexity, requires only the lowest authenticated role, no user interaction, scope-changed (sandbox/tenant escape), with high confidentiality impact and no integrity or availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A user holding only the execution-viewer role logs in, opens any execution they can see, and issues GET /api/v1/{tenant}/executions/{executionId}/file?path=..\..\..\proc/self/environ. The backslash-encoded traversal slips past the validation guard and is canonicalized just before the file is opened, returning the process environment containing database and secret-backend credentials; the attacker repeats this to dump the H2 database and other tenants' stored secrets. … |
| Remediation | Upgrade to a fixed release: Vendor-released patch: Kestra 1.0.45 (for the 1.0.x line) or 1.3.23 (for the 1.3.x line), per advisory GHSA-qw4v-6w32-xx9h (https://github.com/kestra-io/kestra/security/advisories/GHSA-qw4v-6w32-xx9h). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all Kestra installations and document version numbers currently deployed. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Kestra versions 1.1.10 and earlier allow authenticated users to perform cross-site scripting (XSS) attacks through the e
Unauthenticated remote code execution affects Kestra OSS (the open-source event-driven orchestration platform) prior to
Unauthenticated remote code execution in Kestra orchestration platform before 1.0.45 and 1.3.21 lets anonymous attackers
Offline administrator password recovery in Kestra OSS (versions prior to 1.3.24) stems from its BasicAuth component stor
Arbitrary file read in Kestra orchestration platform (versions prior to 1.0.43 and 1.3.19) lets an authenticated user wi
Cross-site scripting in Kestra orchestration platform versions up to 1.3.3 enables authenticated flow authors to inject
Path traversal in Kestra's `inputFiles` task mechanism allows remote attackers to write arbitrary files to the worker fi
Unauthorized file read in Kestra's execution preview API allows any authenticated tenant user to access output files fro
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39920