Summary
pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size
References
Related vulnerabilities
- GHSA-6X2M-P4XP-WG22 (MEDIUM): Network-AI: EnvironmentManager.backup() follows symlinked directories and copies files outside the environment root into backups
- GHSA-F9M7-VC86-P6JJ (MEDIUM): go.qbee.io/transport: Symlink-chain path traversal in tar extraction (one level outside destination)
- GHSA-2JQ4-Q6VV-4CP3 (CRITICAL): Crawl4AI: Arbitrary file write (path traversal) in crawler downloads can lead to RCE
- GHSA-RVP7-W75Q-9FV2 (LOW): BBOT: Symlink-Following Arbitrary Write via github_workflows Module
- GHSA-869J-R97X-HX2G (HIGH): Anki's local HTTP server does not sufficiently validate requests
- GHSA-CC8F-FCX3-GPJR (HIGH): SurrealDB: Arbitrary file read via DEFINE ANALYZER mapper() filter