14 matches found
CVE-2026-27976
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
CVE-2026-27976
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
CVE-2026-27800
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27976 Zed Extension Sandbox Escape via Tar Symlink Following
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
CVE-2026-27976
Zed code editor’s extension installer is affected by CVE-2026-27976 prior to version 0.224.4. The tar extractor (async_tar::Archive::unpack) creates symlinks from archives without validation, and the path guard (writeable_path_from_extension) relies on lexical checks without resolving symlinks. A...
CVE-2026-27976 Zed Extension Sandbox Escape via Tar Symlink Following
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
EUVD-2026-8778
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
CVE-2026-27976 Zed Extension Sandbox Escape via Tar Symlink Following
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
EUVD-2026-8773
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800
Zed code editor prior to 0.224.4 is vulnerable to Zip Slip in extension archive extraction. The extract_zip() function in crates/util/src/archive.rs does not validate ZIP entry filenames for path traversal (e.g., ../), allowing a malicious extension to write outside the sandbox by downloading and...
PT-2026-22048
Name of the Vulnerable Software and Affected Versions Zed versions prior to 0.224.4 Description A Zip Slip Path Traversal issue exists in the extension archive extraction functionality. The extract zip function, located in crates/util/src/archive.rs, does not validate ZIP entry filenames for path...