CVE-2026-32727

Severity: Medium (CVSS 3.1 base score 6.5) · EPSS 40.0%
Published: Mar 31, 2026 · Last Modified: Jun 17, 2026

Description

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack: an attacker can place dot-dot (..) components in the path of a token's scope claim to escape the intended directory restriction. This occurs because the library normalizes both the authorized path (taken from the token) and the requested path (supplied by the application) before comparing them with startswith, so a scope path whose trailing component is .. normalizes to its parent directory, and that parent becomes the prefix the startswith check accepts. This issue has been patched in version 1.9.7.
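The following is an added worked example, not code from the scitokens library and not the 1.9.7 patch. It reproduces the check pattern the description attributes to pre-1.9.7 versions (normalize both sides, then a bare startswith) next to a hardened variant written here for illustration. The function names authorized_vulnerable and authorized_hardened and the sample scope and resource paths are assumptions constructed for the example; posixpath is used instead of os.path so the behaviour is the same on every platform.

```python
import posixpath

# Constructed sample inputs (not taken from the advisory). The scope path is
# the part of the token an attacker may be able to influence, for example
# through an issuer that builds scopes from unvalidated user input; the
# resource path is what the application asks the Enforcer to authorize.
SCOPE_PATH_ABUSIVE = "/data/alice/.."          # dot-dot inside the token scope
SCOPE_PATH_NORMAL = "/data/alice"              # the intended restriction
RESOURCE_OUTSIDE = "/data/bob/secret.txt"      # outside the alice tree


def authorized_vulnerable(scope_path: str, resource_path: str) -> bool:
    """Pre-1.9.7-style check as the description explains it (illustrative
    reconstruction, not the library's source): normalize BOTH the token's
    path and the requested path, then compare with a bare prefix test.
    Normalizing the token's path collapses '/data/alice/..' to '/data', so
    every path under /data is then accepted."""
    norm_scope = posixpath.normpath(scope_path)
    norm_resource = posixpath.normpath(resource_path)
    return norm_resource.startswith(norm_scope)


def authorized_hardened(scope_path: str, resource_path: str) -> bool:
    """Hardened variant (my own, not the project's fix):
    1. refuse a scope path that is not absolute or that contains any '.' or
       '..' component, so normalization can never widen the token's grant;
    2. normalize only the application-supplied resource path, which is the
       side where collapsing '..' is the desired behaviour;
    3. require a path-component boundary after the prefix, so a grant for
       /data/alice does not also cover /data/alice10 (a general startswith
       pitfall, added here as defense in depth)."""
    if not scope_path.startswith("/"):
        return False
    if any(part in (".", "..") for part in scope_path.split("/")):
        return False
    norm_scope = posixpath.normpath(scope_path)      # only squashes '//' and trailing '/'
    norm_resource = posixpath.normpath(resource_path)
    if not norm_resource.startswith("/"):
        return False
    if norm_scope == "/":
        return True
    return norm_resource == norm_scope or norm_resource.startswith(norm_scope + "/")


if __name__ == "__main__":
    print("vulnerable check, abusive scope:",
          authorized_vulnerable(SCOPE_PATH_ABUSIVE, RESOURCE_OUTSIDE))
    print("hardened check, abusive scope:",
          authorized_hardened(SCOPE_PATH_ABUSIVE, RESOURCE_OUTSIDE))
```

Run the file directly to see the abusive scope accepted by the reconstructed check and rejected by the hardened one. Normalizing the resource path remains correct in both variants: a request for /data/alice/../bob/x normalizes to /data/bob/x and fails the prefix test for a /data/alice grant, which is exactly why the request side, and only the request side, should be normalized.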

CVSS Details

Base Score 6.5
Exploitability 2.8
Impact 3.6
Vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability 40.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses (1)

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected Products (1)

Vendor: scitokens · Product: scitokens_library · Version: * · Range: < 1.9.7

References (4)

  • github.com https://github.com/scitokens/scitokens/commit/2d1cc9e42bc944fe0bbc429b85d166e7156d53f9
    Patch
  • github.com https://github.com/scitokens/scitokens/pull/230
    Issue Tracking
  • github.com https://github.com/scitokens/scitokens/releases/tag/v1.9.7
    Release Notes
  • github.com https://github.com/scitokens/scitokens/security/advisories/GHSA-3x2w-63fp-3qvw
    Exploit, Vendor Advisory

Remediation

  • github.com https://github.com/scitokens/scitokens/commit/2d1cc9e42bc944fe0bbc429b85d166e7156d53f9
    Patch