{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-2818", "assignerOrgId": "36c7be3b-2937-45df-85ea-ca7133ea542c", "state": "PUBLISHED", "assignerShortName": "HeroDevs", "dateReserved": "2026-02-19T17:07:41.627Z", "datePublished": "2026-02-20T16:03:21.032Z", "dateUpdated": "2026-06-30T12:08:22.607Z" }, "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "packageName": "org.springframework.data:spring-data-geode", "product": "Spring Data Geode", "repo": "https://github.com/spring-attic/spring-data-geode", "vendor": "VMware", "versions": [ { "lessThanOrEqual": "2.7.18", "status": "affected", "version": "2.0.0.RELEASE", "versionType": "maven" } ] }, { "defaultStatus": "unaffected", "packageName": "org.springframework.data:spring-data-gemfire", "product": "Spring Data Gemfire", "repo": "https://github.com/spring-attic/spring-data-gemfire", "vendor": "VMware", "versions": [ { "lessThanOrEqual": "2.2.13.RELEASE", "status": "affected", "version": "1.7.0.RELEASE", "versionType": "maven" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only.
" } ], "value": "A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only." } ], "impacts": [ { "capecId": "CAPEC-126", "descriptions": [ { "lang": "en", "value": "CAPEC-126 Path Traversal" } ] }, { "capecId": "CAPEC-139", "descriptions": [ { "lang": "en", "value": "CAPEC-139 Relative Path Traversal" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-23", "description": "CWE-23 Relative Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "36c7be3b-2937-45df-85ea-ca7133ea542c", "shortName": "HeroDevs", "dateUpdated": "2026-02-20T16:03:21.032Z" }, "references": [ { "url": "https://www.herodevs.com/vulnerability-directory/cve-2026-2818" } ], "source": { "discovery": "EXTERNAL" }, "tags": [ "unsupported-when-assigned", "x_open-source" ], "title": "Zip Slip Path Traversal in Snapshot Archive Extraction (Windows-Specific)", "x_generator": { "engine": "Vulnogram 0.5.0" } }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2026-02-20T20:12:17.872342Z", "id": "CVE-2026-2818", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:12:35.205Z" } }, { "affected": [ { "cpes": [ "cpe:/a:redhat:jboss_fuse:7" ], "defaultStatus": "unaffected", "product": "Red Hat Fuse 7", "vendor": "Red Hat" } ], "datePublic": "2026-02-20T16:03:21.032Z", "descriptions": [ { "lang": "en", "value": "A flaw was found in Spring Data Geode. This zip-slip path traversal vulnerability in the import snapshot functionality allows attackers to write files outside the intended extraction directory. This can lead to unauthorized modification of system files or the introduction of malicious content. This vulnerability primarily affects systems running on Windows operating systems." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE" } ] } ], "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2026-2818" }, { "name": "RHBZ#2441384", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441384" }, { "tags": [ "x_sadp-csaf-vex" ], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2818.json" } ], "timeline": [ { "lang": "en", "time": "2026-02-20T17:03:16.830Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2026-02-20T16:03:21.032Z", "value": "Made public." } ], "title": "org.springframework.data/spring-data-geode: Spring Data Geode: Path traversal vulnerability allows arbitrary file write via import snapshot functionality.", "x_adpType": "supplier", "x_generator": { "engine": "sadp-cli 1.0.0" }, "providerMetadata": { "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-06-30T12:08:22.607Z" } } ] } }