Oscal Compass
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46439 | hig | 0.39 | — | 0.00 | May 28, 2026 | A High severity Server-Side Template Injection (SSTI) vulnerability exists in the `trestle author jinja` command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting… | ||
| CVE-2026-46345 | hig | 0.39 | — | 0.00 | May 28, 2026 | **Relevant Products/Components:** * `trestle/core/commands/author/jinja.py` * `trestle author jinja` --- ## Detailed Description: The `-o/--output` argument in `trestle author jinja` allows writing files outside the intended workspace. The application does not properly… | ||
| CVE-2026-45725 | hig | 0.39 | — | 0.00 | May 27, 2026 | ## Summary The compliance-trestle library's remote fetching cache mechanism (HTTPSFetcher and SFTPFetcher) constructs the local cache file path from the URL path component without sanitizing path traversal sequences (`../`). When a remote OSCAL profile references a URL with… | ||
| CVE-2026-46380 | 0.00 | — | 0.00 | May 28, 2026 | A source code audit led to the discovery of three significant security vulnerabilities in the trestle/core/remote/cache.py module. **Finding 1 (Critical): SSRF (CWE-918)** The HTTPSFetcher._do_fetch() method passes a user-supplied URL directly to requests.get() without… | |||
| CVE-2026-45774 | 0.00 | — | 0.00 | May 28, 2026 | ## Summary The compliance-trestle library's profile import mechanism resolves `trestle://` URIs and relative file paths by joining them with `trestle_root` and calling `.resolve()`, but performs **no boundary check** to ensure the resolved path stays within the trestle… |
- risk 0.39cvss —epss 0.00
A High severity Server-Side Template Injection (SSTI) vulnerability exists in the `trestle author jinja` command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting…
- risk 0.39cvss —epss 0.00
**Relevant Products/Components:** * `trestle/core/commands/author/jinja.py` * `trestle author jinja` --- ## Detailed Description: The `-o/--output` argument in `trestle author jinja` allows writing files outside the intended workspace. The application does not properly…
- risk 0.39cvss —epss 0.00
## Summary The compliance-trestle library's remote fetching cache mechanism (HTTPSFetcher and SFTPFetcher) constructs the local cache file path from the URL path component without sanitizing path traversal sequences (`../`). When a remote OSCAL profile references a URL with…
- CVE-2026-46380May 28, 2026risk 0.00cvss —epss 0.00
A source code audit led to the discovery of three significant security vulnerabilities in the trestle/core/remote/cache.py module. **Finding 1 (Critical): SSRF (CWE-918)** The HTTPSFetcher._do_fetch() method passes a user-supplied URL directly to requests.get() without…
- CVE-2026-45774May 28, 2026risk 0.00cvss —epss 0.00
## Summary The compliance-trestle library's profile import mechanism resolves `trestle://` URIs and relative file paths by joining them with `trestle_root` and calling `.resolve()`, but performs **no boundary check** to ensure the resolved path stays within the trestle…