HIGH | CVE-2026-50567 | Published | Modified | CNA: GitHub_M

CVE-2026-50567: Fission: Zip Slip in pkg/utils/zip.go:Unarchive allows fetcher to write outside the destination directory

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined each archive entry name with the destination directory via filepath.Join and wrote the result without checking whether the resolved path stayed under the destination. A zip entry named ../../tmp/evil therefore landed at /tmp/evil. An attacker who could control a Package.Spec.Source.URL or Deployment.URL archive could induce the fetcher (running as the per-environment pod's fission-fetcher sidecar) to write files anywhere that process could reach: into other tenants' /packages/<ns>/ directories, into mounted secret/config volumes, or into the fetcher's own binary. This issue has been patched in version 1.25.0.
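
The containment check the description says was missing, as an added example (not Fission's code or its 1.25.0 patch): `safeJoin` and `escapingEntries` are hypothetical names, `/packages/ns` is an assumed destination, and the two-entry archive is constructed in memory.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"path/filepath"
	"strings"
)

// safeJoin (hypothetical helper) rejects entries whose cleaned path leaves dest.
func safeJoin(dest, name string) (string, error) {
	target := filepath.Join(dest, name)
	rel, err := filepath.Rel(dest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("zip entry %q escapes %q", name, dest)
	}
	return target, nil
}

// escapingEntries audits a zip and returns the entry names safeJoin rejects.
func escapingEntries(archive []byte, dest string) (bad []string, err error) {
	zr, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	if zr == nil { // ErrInsecurePath still comes with a usable reader
		return nil, err
	}
	for _, f := range zr.File {
		if _, e := safeJoin(dest, f.Name); e != nil {
			bad = append(bad, f.Name)
		}
	}
	return bad, nil
}

// sampleArchive builds a constructed zip in memory with two empty entries.
func sampleArchive() []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for _, name := range []string{"src/handler.py", "../../tmp/evil"} {
		zw.Create(name)
	}
	zw.Close()
	return buf.Bytes()
}

func main() {
	// The unchecked pattern: Join cleans the "../" segments and leaves dest.
	fmt.Println(filepath.Join("/packages/ns", "../../tmp/evil")) // /tmp/evil
	fmt.Println(escapingEntries(sampleArchive(), "/packages/ns"))
}
```

The same check works as a pre-extraction audit of package archives: any name returned by `escapingEntries` is an entry that would have been written outside the destination.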

Metrics

  • CVSS v3.1: 7.7
  • Severity: HIGH
  • Fixed in:
  • Affected Products: 1

HarborGuard Analysis

Synopsis

A path traversal vulnerability (Zip Slip) affects the Fission serverless framework for Kubernetes in versions before 1.25.0. The flaw is reachable over the network by any authenticated low-privilege user who can set a Package.Spec.Source.URL or Deployment.URL pointing to a crafted archive; no victim interaction is needed. Successful exploitation lets an attacker write arbitrary files to any location the fission-fetcher sidecar process can reach, enabling tampering with other tenants' package directories, mounted secrets, or the fetcher binary itself. No fix version has been published upstream yet; HarborGuard is tracking the advisory for patch availability.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle Fission components. Any image containing a vulnerable version of fission (before 1.25.0) is flagged automatically across both registry scans and CI pipeline checks.

Status: Available

Triage

HarborGuard scores this finding at CVSS 7.7 HIGH (v3.1) and applies per-environment compliance policy weighting to determine urgency. Triage signals are routed to the appropriate team inbox within each customer org based on the namespace, registry, and ownership metadata associated with the affected image.

Status: Available

Patch

Because no upstream fix version has been published, HarborGuard re-evaluates this advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. For environments with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered automatically once a fix version becomes available.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The attacker submits a malicious archive URL over the network to the Fission API; the service must be reachable from the attacker's network position.

  • Authentication: Required

    The attacker needs a low-privilege account with permission to create or modify Package or Deployment resources in the Fission API; any such account is sufficient.

  • Victim interaction: Not required

    No user interaction is needed; the fetcher sidecar processes the malicious archive autonomously once the resource is submitted.

  • Attack complexity: Detail

    Exploitation is reliable and condition-free: crafting a zip entry with a path-traversal sequence (e.g. ../../tmp/evil) and pointing a URL field at it is the only step required.

Blast Radius

  • Writes arbitrary files into other tenants' /packages/<ns>/ directories on shared storage, corrupting or replacing their function packages.
  • Overwrites files in mounted secret or ConfigMap volumes accessible to the fetcher sidecar, exposing or tampering with credentials and configuration data.
  • Replaces the fetcher binary itself, enabling persistent code execution within the per-environment pod on the next fetcher invocation.
  • No confidentiality impact is indicated by the CVSS vector; the attacker gains write capability but not direct read of protected data through this path alone.

How HarborGuard Handles This

Available on HarborGuard: this CVE is matched against all images containing Fission components at each scan cycle, including custom-built Kubernetes operator images. Because no upstream fix has been published, HarborGuard monitors the advisory on every ingest cycle and will make a patched-image rebuild available automatically once version 1.25.0 or a later fix is released upstream. For customers with auto-remediation enabled, the rebuild, regression test run, and PR against affected workloads will be triggered without manual intervention at that point. In the interim, compensating controls worth considering include restricting network policy to limit which principals can submit Package or Deployment resources, applying Kubernetes RBAC to narrow create and update permissions on those resource types to only trusted service accounts, and isolating fetcher pods with restrictive PodSecurity or seccomp profiles to limit the filesystem paths the sidecar can write to.

Affected packages
  • fission / fission
    < 1.25.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N