CVE-2026-55078

GHSA-2mg2-p7r7-g27f MEDIUM
Published July 6, 2026

### Summary `POST /api/v2/files` converts zip uploads to tar in memory via `CreateTarFromZip`, which enforced a per-entry size limit but no aggregate limit on total decompressed output, writing to an unbounded in-memory buffer. > **Note:** Exploitation requires authenticated file-upload access...

Full CISO analysis pending enrichment.

What systems are affected?

Package Ecosystem Vulnerable Range Patched
Anthropic Python go >= 2.34.0, < 2.34.2 2.34.2
3.7K 5.4K dependents Pushed 4d ago 95% patched ~3d to patch Full package profile →

Do you use Anthropic Python? You're affected.

How severe is it?

CVSS 3.1
6.5 / 10
EPSS
N/A
Exploitation Status
No known exploitation
Sophistication
N/A

What is the attack surface?

AV AC PR UI S C I A
AV Network
AC Low
PR Low
UI None
S Unchanged
C None
I None
A High

What should I do?

Patch available

Update Anthropic Python to version 2.34.2

Which compliance frameworks are affected?

Compliance analysis pending. Sign in for full compliance mapping when available.

Frequently Asked Questions

What is CVE-2026-55078?

### Summary `POST /api/v2/files` converts zip uploads to tar in memory via `CreateTarFromZip`, which enforced a per-entry size limit but no aggregate limit on total decompressed output, writing to an unbounded in-memory buffer. > **Note:** Exploitation requires authenticated file-upload access and the impact is limited to availability (denial of service). ### Impact An authenticated user could upload a zip within the 100 MiB upload limit but containing many highly compressible entries whose decompressed size exhausted memory, crashing `coderd` before any RBAC check. Repeated requests could keep the service unavailable. This is a denial of service; it does not allow data disclosure or code execution. ### Patches The fix adds a metadata preflight check that sums projected entry sizes and a streaming writer that enforces the aggregate limit during decompression. The fix was backported to all supported release lines: | Release line | Patched version | |---|---| | 2.34 | [v2.34.2](https://github.com/coder/coder/releases/tag/v2.34.2) | | 2.33 | [v2.33.8](https://github.com/coder/coder/releases/tag/v2.33.8) | | 2.32 | [v2.32.7](https://github.com/coder/coder/releases/tag/v2.32.7) | | 2.29 (ESR) | [v2.29.17](https://github.com/coder/coder/releases/tag/v2.29.17) | ### Workarounds Restrict file-upload permissions to trusted users or place a reverse proxy with request-body size limits in front of `coderd`. ### Resources - Fix: #25877 ### Credits Coder would like to thank Anthropic's Security Team (ANT-2026-22438) for independently disclosing this issue!

Is CVE-2026-55078 actively exploited?

No confirmed active exploitation of CVE-2026-55078 has been reported, but organizations should still patch proactively.

How to fix CVE-2026-55078?

Update to patched version: Anthropic Python 2.34.2.

What is the CVSS score for CVE-2026-55078?

CVE-2026-55078 has a CVSS v3.1 base score of 6.5 (MEDIUM).

What are the technical details?

Original Advisory

### Summary `POST /api/v2/files` converts zip uploads to tar in memory via `CreateTarFromZip`, which enforced a per-entry size limit but no aggregate limit on total decompressed output, writing to an unbounded in-memory buffer. > **Note:** Exploitation requires authenticated file-upload access and the impact is limited to availability (denial of service). ### Impact An authenticated user could upload a zip within the 100 MiB upload limit but containing many highly compressible entries whose decompressed size exhausted memory, crashing `coderd` before any RBAC check. Repeated requests could keep the service unavailable. This is a denial of service; it does not allow data disclosure or code execution. ### Patches The fix adds a metadata preflight check that sums projected entry sizes and a streaming writer that enforces the aggregate limit during decompression. The fix was backported to all supported release lines: | Release line | Patched version | |---|---| | 2.34 | [v2.34.2](https://github.com/coder/coder/releases/tag/v2.34.2) | | 2.33 | [v2.33.8](https://github.com/coder/coder/releases/tag/v2.33.8) | | 2.32 | [v2.32.7](https://github.com/coder/coder/releases/tag/v2.32.7) | | 2.29 (ESR) | [v2.29.17](https://github.com/coder/coder/releases/tag/v2.29.17) | ### Workarounds Restrict file-upload permissions to trusted users or place a reverse proxy with request-body size limits in front of `coderd`. ### Resources - Fix: #25877 ### Credits Coder would like to thank Anthropic's Security Team (ANT-2026-22438) for independently disclosing this issue!

Weaknesses (CWE)

CWE-409 — Improper Handling of Highly Compressed Data (Data Amplification): The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.

Source: MITRE CWE corpus.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Timeline

Published
July 6, 2026
Last Modified
July 6, 2026
First Seen
July 7, 2026

Related Vulnerabilities