PT-2026-22339 · Google · Google Web Designer

Publicado

2026-02-27

·

Atualizado

2026-03-03

·

CVE-2026-3223

CVSS v4.0

8.4

Alta

VetorAV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Google Web Designer (affected versions not specified)
Description The software is susceptible to a zip slip vulnerability, which can lead to arbitrary file write and potential privilege escalation. A zip slip vulnerability occurs when a program extracts compressed files without properly sanitizing the file names, allowing an attacker to write files to arbitrary locations on the system. This could allow an attacker to overwrite critical system files or execute malicious code.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-3223

Produtos afetados

Google Web Designer