Untriaged
Permalink
CVE-2026-54250
5.8 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): High (H)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): High (H)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created suggestion
K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to arbitrary locations on the filesystem when an administrator restores the archive as a compressed etcd snapshot. This vulnerability is fixed in 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1.
References
-
https://github.com/k3s-io/k3s/security/advisories/GHSA-jxr7-mqhw-9p98 x_refsource_CONFIRM
Affected products
k3s
- ==< 1.33.10+k3s1
- ==>= 1.34.0-rc1+k3s1, < 1.34.6+k3s1
- ==>= 1.35.0-rc1+k3s1, < 1.35.3+k3s1
Matching in nixpkgs
pkgs.k3s
Lightweight Kubernetes distribution
-
nixos-unstable 1.35.5+k3s1
- nixpkgs-unstable 1.35.4+k3s1
- nixos-unstable-small 1.35.5+k3s1
-
nixos-26.05 1.35.5+k3s1
- nixos-26.05-small 1.35.5+k3s1
- nixpkgs-26.05-darwin 1.35.5+k3s1
pkgs.k3sup
Bootstrap Kubernetes with k3s over SSH
pkgs.k3s_1_32
None
pkgs.k3s_1_33
Lightweight Kubernetes distribution
-
nixos-unstable 1.33.12+k3s1
- nixpkgs-unstable 1.33.11+k3s1
- nixos-unstable-small 1.33.12+k3s1
-
nixos-26.05 1.33.12+k3s1
- nixos-26.05-small 1.33.12+k3s1
- nixpkgs-26.05-darwin 1.33.12+k3s1
pkgs.k3s_1_34
Lightweight Kubernetes distribution
-
nixos-unstable 1.34.8+k3s1
- nixpkgs-unstable 1.34.7+k3s1
- nixos-unstable-small 1.34.8+k3s1
-
nixos-26.05 1.34.8+k3s1
- nixos-26.05-small 1.34.8+k3s1
- nixpkgs-26.05-darwin 1.34.8+k3s1
pkgs.k3s_1_35
Lightweight Kubernetes distribution
-
nixos-unstable 1.35.5+k3s1
- nixpkgs-unstable 1.35.4+k3s1
- nixos-unstable-small 1.35.5+k3s1
-
nixos-26.05 1.35.5+k3s1
- nixos-26.05-small 1.35.5+k3s1
- nixpkgs-26.05-darwin 1.35.5+k3s1
pkgs.k3s_1_36
Lightweight Kubernetes distribution
-
nixos-unstable 1.36.1+k3s1
- nixpkgs-unstable 1.36.0+k3s1
- nixos-unstable-small 1.36.1+k3s1
-
nixos-26.05 1.36.1+k3s1
- nixos-26.05-small 1.36.1+k3s1
- nixpkgs-26.05-darwin 1.36.1+k3s1
Package maintainers
-
@marcusramberg Marcus Ramberg <marcus@means.no>
-
@euank Euan Kemp <euank-nixpkg@euank.com>
-
@Mic92 Jörg Thalheim <joerg@thalheim.io>
-
@rorosen Robert Rose <robert.rose@mailbox.org>
-
@maevii Maevi <me@maevi.net>
-
@wrmilling Winston R. Milling <Winston@Milli.ng>
-
@heywoodlh Spencer Heywood <nixpkgs@heywoodlh.io>
-
@frederictobiasc Frédéric Christ <dev@ntr.li>
-
@welteki Han Verstraete <welteki@pm.me>
-
@qjoly Quentin JOLY <github@une-pause-cafe.fr>