5 matches found
EUVD-2026-39512
K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression...
CVE-2026-54250
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
CVE-2026-54250
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
CVE-2026-54250 K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
PT-2026-52538
Name of the Vulnerable Software and Affected Versions K3s versions prior to 1.35.3+k3s1 K3s versions prior to 1.34.6+k3s1 K3s versions prior to 1.33.10+k3s1 Description A path traversal issue exists in the etcd snapshot decompression functionality. This occurs when an administrator restores a...