HIGH 7.7

CVE-2026-50567: Fission Path Traversal in Archive Extraction (CVSS 7.7)

Fission, an open-source serverless framework for Kubernetes, contains a path traversal vulnerability in its archive extraction logic. When Fission fetches and extracts archives (zip files) from URLs specified in Package or Deployment configurations, it fails to validate that extracted files remain within the intended destination directory. An attacker who controls the archive URL can craft a malicious zip file with entries using relative path sequences like `../../` to write files outside the target directory. This allows unauthorized file writes to sensitive locations including other tenants' package directories, mounted secrets, configuration volumes, or even the fetcher process's own binary. The vulnerability exists in versions prior to 1.25.0 and affects the fission-fetcher sidecar that runs in each environment pod.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.7 HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Weaknesses (CWE)
CWE-22
Affected products
0 configuration(s)
Published / Modified
2026-06-10 / 2026-06-17

NVD description (verbatim)

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined each archive entry name with the destination directory via filepath.Join and wrote the result without checking whether the resolved path stayed under the destination. A zip entry named ../../tmp/evil therefore landed at /tmp/evil. An attacker who could control a Package.Spec.Source.URL or Deployment.URL archive could induce the fetcher (running as the per-environment pod's fission-fetcher sidecar) to write files anywhere that process could reach: into other tenants' /packages/<ns>/ directories, into mounted secret/config volumes, or into the fetcher's own binary. This issue has been patched in version 1.25.0.

3 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability resides in pkg/utils/zip.go where archive extraction uses filepath.Join to combine the destination directory with each entry name, then writes the result without path validation. The flaw is a classic path traversal: an entry named `../../tmp/evil` in a zip archive destined for `/packages/namespace/` resolves via filepath.Join to `/tmp/evil`, bypassing any containment checks. Because the fetcher sidecar runs with permissions to access mounted secrets, config volumes, and cross-tenant package directories, this enables arbitrary file writes within the pod's permission scope. The vulnerability is exposed through two input vectors: Package.Spec.Source.URL and Deployment.URL, both user-controllable in multi-tenant Kubernetes environments. CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) directly applies.

Business impact

This vulnerability poses a severe cross-tenant isolation risk in multi-tenant Fission deployments. An attacker with the ability to define or modify Packages or Deployments can corrupt other tenants' function code, inject malicious code into shared volumes, or exfiltrate secrets mounted within the pod. In environments where Fission manages sensitive workloads or handles confidential data, this could lead to data breaches, supply-chain attacks on deployed functions, or denial of service through file system exhaustion. The impact is amplified in shared Kubernetes clusters where isolation between tenants is a compliance requirement. Organizations relying on Fission for multi-tenant serverless offerings face immediate risk if users or automation can supply archive URLs.

Affected systems

Fission versions prior to 1.25.0 are affected. The vulnerability is triggered when the fetcher sidecar processes archives from user-supplied URLs, making any Fission deployment that allows dynamic Package or Deployment configuration susceptible. Kubernetes environments running Fission with multi-tenant workloads or mounted secrets are at heightened risk. Single-tenant or air-gapped deployments with strictly controlled configuration sources face lower but non-zero risk. The open-source nature of Fission means both self-hosted and managed service deployments could be vulnerable.

Exploitability

Exploitation requires the ability to control a Package.Spec.Source.URL or Deployment.URL parameter—typically available to authenticated users in multi-tenant systems. Crafting the malicious zip archive is straightforward: standard zip tools support relative path entries. No special privileges, race conditions, or user interaction are required once the URL is submitted. The attack surface is wide in environments where end users or CI/CD pipelines can define serverless functions. The CVSS score of 7.7 (HIGH) reflects network accessibility, low attack complexity, and the cross-tenant scope escalation, though integrity impact is high and confidentiality impact is not directly scored (writing to secrets/configs indirectly enables confidentiality breaches).

Remediation

Upgrade to Fission version 1.25.0 or later. The patch implements proper path validation during archive extraction to ensure all resolved paths remain within the intended destination directory. Until patching is possible, restrict who can create or modify Packages and Deployments; enforce URL allowlists or disable dynamic archive fetching if feasible. Review logs for suspicious archive entries with `../` sequences in recent fetches. Implement pod security policies to limit the fetcher's file system write scope and network access.

Patch guidance

Apply version 1.25.0 or any subsequent release. Verify the upgrade path from your current version against the official Fission release notes to confirm backward compatibility and any required migration steps. Test in a non-production environment first. After patching, restart all running Fission environment pods to ensure the updated fetcher sidecar is deployed. No data migration or configuration changes should be necessary; the patch is transparent to existing workloads.

Detection guidance

Monitor fission-fetcher container logs for extraction errors or warnings related to path traversal attempts. Check for zip archives with entries containing `../` or similar relative path sequences in submitted URLs. Review file system access patterns in fetcher pods for unexpected writes outside `/packages/` or other expected directories—container runtime logging or eBPF-based tools can help. Audit Package and Deployment creation/update events for suspicious URL patterns. In Kubernetes, enable audit logging for API calls that modify these resources, filtering on source IP or user identity if threat intel suggests targeted activity.

Why prioritize this

This is a HIGH-severity cross-tenant isolation bypass in a widely-used serverless framework. The combination of high integrity impact, network accessibility, authenticated-but-low-friction exploitation, and scope escalation (writing to other tenants' data or shared volumes) makes it a priority remediation target for any multi-tenant Fission deployment. The fact that it is not yet on the KEV list does not diminish urgency; public disclosure and proof-of-concept code in the community could accelerate exploitation. Organizations should prioritize patching within 1–2 weeks if Fission is customer-facing or handles sensitive workloads.

Risk score, explained

The CVSS 7.7 score reflects: (1) Network accessibility (AV:N), allowing attacks from authenticated remote users; (2) Low attack complexity (AC:L), requiring only a crafted zip file; (3) Low privilege requirement (PR:L), assuming role-based or multi-tenant access control is in place; (4) No user interaction (UI:N); (5) Changed scope (S:C), because the attacker can affect other tenants or the underlying host; (6) No confidentiality impact directly scored, but integrity is HIGH because arbitrary files can be written; and (7) No availability impact directly scored, though corrupted binaries or configs could cause denial of service. The score underweights the cross-tenant risk; in practice, the business impact may be higher depending on deployment architecture and the sensitivity of co-located workloads.

Frequently asked questions

Does this vulnerability affect single-tenant Fission deployments?

Yes, but the risk is lower. A single-tenant deployment is still vulnerable if an attacker can inject a malicious archive URL into the configuration. However, there is no cross-tenant exposure. The primary concern shifts to whether the attacker can write files to directories that compromise the function runtime or exfiltrate secrets mounted in the pod. Patching is still strongly recommended.

Can this vulnerability be exploited without providing a URL?

No. The attacker must control the Package.Spec.Source.URL or Deployment.URL parameter. In deployments where these URLs are derived from restricted, trusted sources (e.g., internal artifact repositories with strict access controls), the attack surface is narrow. However, in platforms that allow end-user-supplied URLs or those integrated with untrusted CI/CD systems, the risk is substantial.

What files are most at risk of being overwritten?

Any file the fetcher sidecar process can write to is at risk: other tenants' /packages/<namespace>/ directories, mounted secret and config volumes, the fetcher's own binary (/app/fission-fetcher), and temporary directories like /tmp. The actual impact depends on the pod's RBAC permissions, volume mounts, and file ownership. A thorough assessment requires auditing your specific Fission deployment configuration.

Is there a workaround if I cannot patch immediately?

Partial mitigations include: (1) restricting who can create or modify Packages and Deployments via RBAC; (2) enforcing an allowlist of archive URLs; (3) disabling dynamic archive fetching if possible; (4) using network policies to isolate fetcher pods. However, these do not eliminate the vulnerability—patching to version 1.25.0 is the definitive remediation.

This analysis is provided for informational purposes and reflects publicly available information about CVE-2026-50567 as of the date of publication. SEC.co does not guarantee the completeness or accuracy of all remediation steps or patch version numbers; organizations should verify patch applicability against official Fission advisories and release notes. Testing in a non-production environment is strongly recommended before applying patches to production systems. This vulnerability's severity and exploitability may vary based on your specific deployment architecture, RBAC configuration, and incident context. If you believe you are under active attack, contact your incident response team or a cybersecurity professional immediately. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).