CVE-2026-43637 in cornac
Summary
by MITRE • 07/15/2026
Cornac before 2.6.0 contains a path traversal (Tar Slip) vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing ../ sequences, absolute paths, or symlink/hardlink entries to the _extract_archive() function in cornac/utils/download.py. Attackers can trigger this vulnerability through the built-in dataset loaders, which automatically download and extract archives, causing archive.extractall() to write files to arbitrary locations on the filesystem accessible to the running process.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 07/15/2026
The vulnerability under discussion represents a critical path traversal flaw in the Cornac library version 2.6.0 and earlier, specifically within the archive extraction functionality that enables attackers to manipulate file system writes beyond intended boundaries. This issue manifests as a Tar Slip vulnerability where maliciously crafted tar archives can exploit the _extract_archive() function located in cornac/utils/download.py to write files outside of the designated cache directory. The flaw operates by accepting archive entries containing ../ sequences, absolute paths, or symbolic/hard link references that bypass normal path validation mechanisms during extraction operations.
The technical implementation of this vulnerability stems from improper input sanitization within the archive processing pipeline where the extractall() method is invoked without adequate path validation or normalization. When dataset loaders automatically download and process archives, they inadvertently expose the system to arbitrary file write operations that can overwrite critical system files, create malicious executables, or establish persistent backdoors. The vulnerability specifically leverages the lack of proper path resolution checks that should prevent extraction to locations outside the intended target directory, allowing attackers to manipulate the extraction process through carefully crafted archive contents.
The operational impact of this vulnerability extends beyond simple file system manipulation to encompass potential privilege escalation and persistent access exploitation. Attackers can leverage this flaw to write malicious files to system directories accessible by the running process, potentially compromising system integrity and confidentiality. The vulnerability affects all users of Cornac who utilize built-in dataset loaders that automatically download and extract archives, making it particularly dangerous in production environments where automated data processing occurs. The attack vector is particularly insidious because it requires no direct interaction with vulnerable components beyond providing a malicious archive that gets processed through the legitimate download pipeline.
This vulnerability aligns with CWE-22 Path Traversal and maps to ATT&CK technique T1059 Command and Scripting Interpreter, specifically targeting the execution of malicious payloads through compromised archive extraction processes. The flaw demonstrates poor input validation practices and inadequate sandboxing of archive processing operations that should enforce strict path boundaries during file system operations. Organizations using Cornac in their machine learning workflows face significant risk of compromise when handling datasets from untrusted sources, as the vulnerability can be exploited through legitimate download mechanisms without requiring additional attacker privileges or direct system access.
Mitigation strategies should focus on immediate version upgrades to Cornac 2.6.0 or later where the vulnerability has been addressed through proper path validation and normalization of archive extraction operations. System administrators should implement network-level restrictions preventing automatic downloads from untrusted sources and consider deploying application whitelisting controls that limit which archives can be processed by the library. Additional protective measures include deploying file system monitoring solutions to detect unauthorized file creation in critical directories and implementing proper privilege separation where the library operates with minimal required permissions. The underlying fix involves ensuring that all archive extraction operations validate paths against intended boundaries and normalize absolute paths to prevent traversal outside designated directories, aligning with industry best practices for secure archive handling as recommended by NIST SP 800-53 security controls.