Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind
📋 Description
Impact
A path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes entire session resume or entire checkpoint rewind to write attacker-controlled transcript data outside of the expected session directory.
The issue occurs because checkpoint metadata is fetched from the remote entire/checkpoints/v1 branch and the SessionID field was used to construct filesystem paths without validation in the restore path. A malicious SessionID containing absolute paths or path traversal sequences could cause arbitrary files on the victim’s machine to be overwritten.
Patches
The patched versions (v0.7.7 or v0.7.8-nightly.*) observe stronger input validation and enforce traversal-resistant primitives to ensure that only descending directories can be accessed by the affected commands.
Workarounds
If upgrading immediately is not possible:
- Do not run
entire session resumeorentire checkpoint rewindon repositories where untrusted users can push toentire/checkpoints/v1. - Restrict push access to shared repositories until all collaborators have upgraded.
- Inspect the
entire/checkpoints/v1branch for suspicious checkpoint metadata before resuming or rewinding. - Remove or protect shell initialization files and other sensitive user-writable files where feasible.
These mitigations reduce exposure but do not fully address the vulnerability. Upgrading is recommended.
Credits
Thanks Navtej Kathuria for privately reporting this issue to the Entire Security team.
🎯 Affected products1
- go/github.com/entireio/cli:<= 0.7.6