PT-2026-22339 · Google · Google Web Designer
Publicado
2026-02-27
·
Atualizado
2026-03-03
·
CVE-2026-3223
CVSS v4.0
8.4
Alta
| Vetor | AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Google Web Designer (affected versions not specified)
Description
The software is susceptible to a zip slip vulnerability, which can lead to arbitrary file write and potential privilege escalation. A zip slip vulnerability occurs when a program extracts compressed files without properly sanitizing the file names, allowing an attacker to write files to arbitrary locations on the system. This could allow an attacker to overwrite critical system files or execute malicious code.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Web Designer