GHSA-2H46-9X5W-4WF7
Vulnerability from github – Published: 2026-06-19 15:00 – Updated: 2026-06-19 15:00Impact
A path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes entire session resume or entire checkpoint rewind to write attacker-controlled transcript data outside of the expected session directory.
The issue occurs because checkpoint metadata is fetched from the remote entire/checkpoints/v1 branch and the SessionID field was used to construct filesystem paths without validation in the restore path. A malicious SessionID containing absolute paths or path traversal sequences could cause arbitrary files on the victim’s machine to be overwritten.
Patches
The patched versions (v0.7.7 or v0.7.8-nightly.*) observe stronger input validation and enforce traversal-resistant primitives to ensure that only descending directories can be accessed by the affected commands.
Workarounds
If upgrading immediately is not possible:
- Do not run
entire session resumeorentire checkpoint rewindon repositories where untrusted users can push toentire/checkpoints/v1. - Restrict push access to shared repositories until all collaborators have upgraded.
- Inspect the
entire/checkpoints/v1branch for suspicious checkpoint metadata before resuming or rewinding. - Remove or protect shell initialization files and other sensitive user-writable files where feasible.
These mitigations reduce exposure but do not fully address the vulnerability. Upgrading is recommended.
Credits
Thanks Navtej Kathuria for privately reporting this issue to the Entire Security team.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.7.6"
},
"package": {
"ecosystem": "Go",
"name": "github.com/entireio/cli"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-73"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-19T15:00:01Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\n\nA path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes `entire session resume` or `entire checkpoint rewind` to write attacker-controlled transcript data outside of the expected session directory.\n\nThe issue occurs because checkpoint metadata is fetched from the remote `entire/checkpoints/v1` branch and the `SessionID` field was used to construct filesystem paths without validation in the restore path. A malicious `SessionID` containing absolute paths or path traversal sequences could cause arbitrary files on the victim\u2019s machine to be overwritten.\n\n### Patches\n\nThe patched versions (`v0.7.7` or `v0.7.8-nightly.*`) observe stronger input validation and enforce traversal-resistant primitives to ensure that only descending directories can be accessed by the affected commands. \n\n### Workarounds\nIf upgrading immediately is not possible:\n\n- Do not run `entire session resume` or `entire checkpoint rewind` on repositories where untrusted users can push to `entire/checkpoints/v1`.\n- Restrict push access to shared repositories until all collaborators have upgraded.\n- Inspect the `entire/checkpoints/v1` branch for suspicious checkpoint metadata before resuming or rewinding.\n- Remove or protect shell initialization files and other sensitive user-writable files where feasible.\n\nThese mitigations reduce exposure but do not fully address the vulnerability. Upgrading is recommended.\n\n### Credits\nThanks Navtej Kathuria for privately reporting this issue to the Entire Security team.",
"id": "GHSA-2h46-9x5w-4wf7",
"modified": "2026-06-19T15:00:01Z",
"published": "2026-06-19T15:00:01Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/entireio/cli/security/advisories/GHSA-2h46-9x5w-4wf7"
},
{
"type": "WEB",
"url": "https://github.com/entireio/cli/pull/1365"
},
{
"type": "WEB",
"url": "https://github.com/entireio/cli/pull/1449"
},
{
"type": "PACKAGE",
"url": "https://github.com/entireio/cli"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.