ChatterBot: Symlink-Following Arbitrary Write via UbuntuCorpusTrainer — GHSA-WVRH-2F4M-924V
GitHub · GitHub · GHSA-WVRH-2F4M-924V
ID
GHSA-WVRH-2F4M-924V
GHSA-WVRH-2F4M-924V
Date
Activity
Source
GitHub
GitHub
Vendor
GitHub
GitHub
Threat
medium
medium
CVSS
5.5
5.5
Summary
## Summary ChatterBot's `UbuntuCorpusTrainer.extract()` uses a predictable, home-rooted output directory (`~/ubuntu_data/ubuntu_dialogs`) with a check-then-create pattern (`if not os.path.exists: os.makedirs`) followed by `tar.extractall(path=self.data_path)`. A local attacker who pre-plants a symlink at the predictable path causes `os.path.exists()` to return True (following the symlink), skipping `makedirs`, and…
Product
pip: ChatterBot
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.