Headline
GHSA-rrgf-hcr9-jq6h: TinyScientist has Path Traversal Vulnerability in PDF Review Function (CWE-22)
Description
A critical path traversal vulnerability (CWE-22) has been identified in the review_paper function in backend/app.py. The function accepts a caller-supplied pdf_path and, unless that value begins with /api/files/, opens it verbatim. A malicious user can therefore supply an arbitrary absolute or relative path and have the server read a file outside the intended generated/ directory; nothing in the shown code restricts the target to a PDF.
Impact
This vulnerability allows an unauthenticated caller of the review endpoint to:
- Read any file the server process can open, not only PDFs, since neither the path nor the file type is validated
- Access sensitive documents outside the intended generated/ directory
- Perform reconnaissance on the server's file system structure, for example by observing whether a given path is reported as present or missing
Vulnerable Code
The issue occurs in the review_paper function around line 744 of backend/app.py:
    if pdf_path.startswith("/api/files/"):
        # Path handling for API routes: map /api/files/<rel> onto <project_root>/generated/<rel>
        relative_path = pdf_path[len("/api/files/"):]
        generated_base = os.path.join(project_root, "generated")
        absolute_pdf_path = os.path.join(generated_base, relative_path)
    else:
        absolute_pdf_path = pdf_path  # VULNERABLE: direct use of user input as a file path

Only the else branch is the reported defect, but note that the first branch also does not canonicalise the joined path, so a relative_path containing ".." segments is still joined as-is by os.path.join.
Proof of Concept
curl -X POST http://localhost:5000/api/review \
-H "Content-Type: application/json" \
-d '{"pdf_path": "/etc/passwd"}'
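The following is an added example, not code from the tiny-scientist repository or the advisory: it reproduces the quoted resolution logic side by side with a hardened version that canonicalises the path, confines it to the generated/ directory and insists on a .pdf target. The project root, the file names and the helper names are assumptions chosen for illustration.

```python
import os

# Constructed stand-ins for the real deployment (assumption, not the project's values).
PROJECT_ROOT = "/srv/tiny-scientist"
GENERATED_BASE = os.path.join(PROJECT_ROOT, "generated")
API_PREFIX = "/api/files/"


def resolve_pdf_path_vulnerable(pdf_path: str) -> str:
    """Mirrors the logic quoted in the advisory: the else branch trusts the caller."""
    if pdf_path.startswith(API_PREFIX):
        relative_path = pdf_path[len(API_PREFIX):]
        # os.path.join discards GENERATED_BASE if relative_path is absolute,
        # and keeps any ".." segments, so this branch is not a real boundary either.
        return os.path.join(GENERATED_BASE, relative_path)
    return pdf_path  # user input used verbatim as a filesystem path


def resolve_pdf_path_hardened(pdf_path: str) -> str:
    """Return the canonical path of a .pdf inside GENERATED_BASE, or raise ValueError."""
    if not pdf_path.startswith(API_PREFIX):
        raise ValueError("pdf_path must start with /api/files/")
    relative_path = pdf_path[len(API_PREFIX):]
    if os.path.isabs(relative_path):
        raise ValueError("absolute paths are not allowed")
    # realpath collapses ".." and follows symlinks, so the containment check
    # below is made on the path that would actually be opened.
    base = os.path.realpath(GENERATED_BASE)
    candidate = os.path.realpath(os.path.join(base, relative_path))
    # commonpath compares whole components, so a sibling such as
    # "generated_other" is not mistaken for a child of "generated".
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes the generated directory")
    if not candidate.lower().endswith(".pdf"):
        raise ValueError("only .pdf files may be reviewed")
    return candidate


def is_allowed(pdf_path: str) -> bool:
    """Convenience wrapper: True if the hardened resolver accepts pdf_path."""
    try:
        resolve_pdf_path_hardened(pdf_path)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed inputs: the advisory's PoC value plus traversal variants.
    for candidate in ["/etc/passwd",
                      "/api/files//etc/passwd",
                      "/api/files/../../etc/passwd",
                      "/api/files/sub/../paper.pdf",
                      "/api/files/notes.txt"]:
        print(f"{candidate!r:40} vulnerable -> {resolve_pdf_path_vulnerable(candidate)}")
        print(f"{'':40} hardened   -> {'allowed' if is_allowed(candidate) else 'rejected'}")
```

The hardened resolver rejects the advisory's PoC value outright, and also the two traversal variants that the original /api/files/ branch would have passed through (an absolute remainder, which os.path.join treats as a fresh root, and a ".." remainder). A string prefix check on the unresolved path is not a substitute for the realpath plus commonpath test: it is defeated by both of those inputs.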
Credit
This vulnerability was discovered and reported by Ruizhe.
References
- https://github.com/advisories/GHSA-rrgf-hcr9-jq6h
- https://nvd.nist.gov/vuln/detail/CVE-2025-55149
- Fix commit: ulab-uiuc/tiny-scientist@7fd4287