Zed
Monthly
Zed, a code editor, has an extension installer allows tar/gzip downloads. [CVSS 8.8 HIGH]
Zed code editor versions before 0.225.9 fail to properly validate symbolic links in Agent file tools, allowing attackers to read and write arbitrary files outside the project directory and bypass workspace boundary protections. This vulnerability can expose sensitive user data to language models and leak private files despite configured exclusions. Public exploit code exists and no patch is currently available.
Zed code editor versions prior to 0.224.4 contain a path traversal vulnerability in ZIP extraction that fails to sanitize malicious filenames, allowing attackers to write files outside the intended sandbox directory through crafted extension archives. Public exploit code exists for this vulnerability. An attacker can exploit this by distributing a malicious extension that, when installed, deposits files in arbitrary locations on the affected system.
Zed Editor versions prior to 0.219.4 fail to display tool invocation parameters during permission prompts or after execution, allowing attackers with high privileges to execute tools with malicious or unintended parameters without user awareness. Public exploit code exists for this vulnerability. The issue is resolved in version 0.219.4, which adds expandable tool call details for transparency.
Zed, a code editor, has an extension installer allows tar/gzip downloads. [CVSS 8.8 HIGH]
Zed code editor versions before 0.225.9 fail to properly validate symbolic links in Agent file tools, allowing attackers to read and write arbitrary files outside the project directory and bypass workspace boundary protections. This vulnerability can expose sensitive user data to language models and leak private files despite configured exclusions. Public exploit code exists and no patch is currently available.
Zed code editor versions prior to 0.224.4 contain a path traversal vulnerability in ZIP extraction that fails to sanitize malicious filenames, allowing attackers to write files outside the intended sandbox directory through crafted extension archives. Public exploit code exists for this vulnerability. An attacker can exploit this by distributing a malicious extension that, when installed, deposits files in arbitrary locations on the affected system.
Zed Editor versions prior to 0.219.4 fail to display tool invocation parameters during permission prompts or after execution, allowing attackers with high privileges to execute tools with malicious or unintended parameters without user awareness. Public exploit code exists for this vulnerability. The issue is resolved in version 0.219.4, which adds expandable tool call details for transparency.