Zip Slip Path Traversal in Snapshot Archive Extraction (Windows-Specific)
Summary
| CVE | CVE-2026-2818 |
|---|---|
| State | PUBLISHED |
| Assigner | HeroDevs |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-02-20 17:25:57 UTC |
| Updated | 2026-06-30 03:18:21 UTC |
| Description | A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only. |
Risk And Classification
Primary CVSS: v3.1 7.1 HIGH from ADP
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS: 0.002720000 probability, percentile 0.189750000 (date 2026-07-01)
Problem Types: CWE-23 | CWE-22 | CWE-23 CWE-23 Relative Path Traversal | CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | ADP | CVSS | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
| 3.1 | 36c7be3b-2937-45df-85ea-ca7133ea542c | Secondary | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N |
| 3.1 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | Secondary | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
| 3.1 | CNA | CVSS | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
RequiredScope
ChangedConfidentiality
LowIntegrity
LowAvailability
LowCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | VMware | Spring Data Geode | affected 2.0.0.RELEASE 2.7.18 maven | Not specified |
| CNA | VMware | Spring Data Gemfire | affected 1.7.0.RELEASE 2.2.13.RELEASE maven | Not specified |
| ADP | Red Hat | Red Hat Fuse 7 | Not specified | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| bugzilla.redhat.com/show_bug.cgi | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | bugzilla.redhat.com | |
| security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2818.json | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | security.access.redhat.com | |
| access.redhat.com/security/cve/CVE-2026-2818 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| www.herodevs.com/vulnerability-directory/cve-2026-2818 | 36c7be3b-2937-45df-85ea-ca7133ea542c | www.herodevs.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| ADP | 2026-02-20T17:03:16.830Z | Reported to Red Hat. |
| ADP | 2026-02-20T16:03:21.032Z | Made public. |
There are currently no legacy QID mappings associated with this CVE.