Kedro Path Traversal Vulnerability in Versioned Dataset Loading
Vulnerability
A path traversal vulnerability has been identified in Kedro versions prior to 1.3.0. The issue arises in the `_get_versioned_path()` method within `kedro/io/core.py`, where the method constructs filesystem paths by directly incorporating user-supplied version strings without proper sanitization. This lack of validation allows traversal sequences, such as '../', to escape the intended versioned dataset directory. The vulnerability can be exploited through various entry points, including `catalog.load(..., version=...)`, `DataCatalog.from_config(..., load_versions=...)`, and the command-line interface (CLI) using `kedro run --load-versions=dataset:../../../secrets`. An attacker who can manipulate the version string could force Kedro to load files from outside the designated version directory, potentially leading to unauthorized file access, data poisoning, or cross-tenant data exposure in shared environments.
Impact
Exploitation of this vulnerability allows for path traversal, enabling attackers to read files from outside the intended directory. This could result in unauthorized access to sensitive information, data manipulation, or, in shared environments, exposure of data from other tenants.
Remediation
Users are advised to upgrade to Kedro version 1.3.0 or later. Additionally, validate version strings before passing them to `DataCatalog` or the CLI to ensure they do not contain `..` segments, path separators, or absolute paths.
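As an added example (not Kedro's own code), the validation the remediation describes: a single-component check on version strings, applied to a `load_versions` mapping before it reaches `DataCatalog.from_config(...)`, plus a containment check on the resolved path as defence in depth. The `<dataset_dir>/<version>/<filename>` layout, the allowlist pattern and the function names are assumptions, not Kedro internals.

```python
import re
from pathlib import Path

# Assumed allowlist for one version component: an alphanumeric first character,
# then letters, digits, '.', '_' or '-'. Widen it only if your versions need more.
_SAFE_VERSION = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


def is_safe_version(version) -> bool:
    """True if `version` is a single plain path component.

    Rejects empty values, '.' and '..', any '/' or '\\' separator, absolute
    paths (including Windows drive prefixes such as 'C:'), NUL bytes and
    anything outside the allowlist above.
    """
    if not isinstance(version, str) or not version:
        return False
    if "\x00" in version or "/" in version or "\\" in version:
        return False
    if version in (".", "..") or ":" in version:
        return False
    return bool(_SAFE_VERSION.match(version))


def reject_unsafe_load_versions(load_versions: dict) -> dict:
    """Validate a dataset-name -> version mapping before passing it on.

    Returns the mapping unchanged when every value passes; raises ValueError
    naming the offending datasets otherwise.
    """
    bad = sorted(name for name, v in load_versions.items() if not is_safe_version(v))
    if bad:
        raise ValueError(f"unsafe version strings for datasets: {bad}")
    return load_versions


def versioned_path(dataset_dir: Path, version: str, filename: str) -> Path:
    """Build <dataset_dir>/<version>/<filename> (assumed layout) and confirm the
    resolved result stays inside dataset_dir, so a traversal in either component
    is caught even if the string check above were bypassed."""
    if not is_safe_version(version):
        raise ValueError(f"unsafe version string: {version!r}")
    root = dataset_dir.resolve()
    candidate = (root / version / filename).resolve()
    try:
        candidate.relative_to(root)
    except ValueError as exc:
        raise ValueError(f"{candidate} escapes {root}") from exc
    return candidate
```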