Sigstore Framework Legacy TUF Client Path Traversal Vulnerability Allowing Arbitrary File Overwrites
Vulnerability
A path traversal vulnerability has been identified in the legacy TUF client of the Sigstore framework, specifically in versions through 1.10.3. The issue arises because the client caches target files to disk without properly validating that the file paths remain within the designated cache directory. This flaw can be exploited by a malicious TUF repository to overwrite arbitrary files, depending on the permissions of the process using the client. However, this vulnerability does not affect users of the public Sigstore deployment, where TUF metadata is safeguarded by a group of trusted collaborators.
Impact
Exploitation of this vulnerability allows for arbitrary file overwriting, constrained by the permissions of the process that is running the client.
Reproduction
The vulnerability can be reproduced by using the legacy TUF client in the Sigstore framework or an older version of Cosign. When the client caches target files, it constructs the file paths by combining the cache base directory with target names derived from signed metadata. The resulting paths can escape the cache directory, leading to unauthorized file overwrites.
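The containment check that the advisory describes as missing, shown as an added example rather than Sigstore's own code: the flawed join beside a hardened variant that refuses any target name resolving outside the cache directory. The cache directory and target names are constructed sample values.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrEscapesCache is returned when a metadata-supplied target name would
// resolve to a location outside the cache directory.
var ErrEscapesCache = errors.New("target name escapes cache directory")

// unsafeCachePath mirrors the flawed behaviour described above: the cache base
// and the target name taken from signed metadata are simply joined, so a name
// such as "../../etc/passwd" cleans to a path outside cacheDir.
func unsafeCachePath(cacheDir, targetName string) string {
	return filepath.Join(cacheDir, targetName)
}

// safeCachePath joins the two components and then verifies that the cleaned
// result still lies inside cacheDir. Absolute target names are rejected
// outright rather than silently re-rooted, and a name that resolves to the
// cache directory itself (empty or ".") is rejected as well.
func safeCachePath(cacheDir, targetName string) (string, error) {
	base, err := filepath.Abs(cacheDir)
	if err != nil {
		return "", err
	}
	if filepath.IsAbs(targetName) {
		return "", ErrEscapesCache
	}
	candidate := filepath.Join(base, targetName) // Join cleans ".." segments
	rel, err := filepath.Rel(base, candidate)
	if err != nil {
		return "", err
	}
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapesCache
	}
	return candidate, nil
}

func main() {
	cacheDir := "/tmp/sigstore-cache" // constructed example path
	for _, name := range []string{"targets/example.crt", "../../etc/passwd", "/etc/passwd"} {
		p, err := safeCachePath(cacheDir, name)
		fmt.Printf("%-18s unsafe=%-36s safe=%q err=%v\n", name, unsafeCachePath(cacheDir, name), p, err)
	}
}
```

This is a lexical check only: symbolic links already present inside the cache directory are a separate concern that a full implementation would also need to handle.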
Remediation
Users can upgrade to Sigstore version 1.10.4, where this vulnerability has been patched. Alternatively, they can disable disk caching for the legacy TUF client by setting the environment variable SIGSTORE_NO_CACHE=true, or migrate to the updated TUF client available in the Sigstore Go repository.
