JustAppSec

Code Marketplace patches Zip Slip path traversal on VSIX upload

2 min read | Published 06 Apr 2026 | Updated 06 Apr 2026 | Source: CVEProject (cvelistV5)

TL;DR — A Zip Slip path traversal in code-marketplace can let a malicious VSIX escape the intended extraction directory and overwrite attacker-chosen files on the host filesystem.

What happened

code-marketplace is an open-source alternative to the Visual Studio Code extension marketplace that ingests and extracts VSIX extension bundles. CVE-2026-35454 describes a Zip Slip vulnerability where archive entry paths were used to construct output file paths without enforcing that the final path remained under the intended base directory.

Per the CVE record, the issue occurs because zip entry names were passed straight through to filesystem writes: each name was combined with the extension directory via filepath.Join and used without a boundary check. filepath.Join cleans its result, so an entry name carrying .. traversal sequences resolves above the extension directory rather than under it. The GitHub advisory linked from the CVE gives examples of filepath.Join resolving such an entry to a host path like /etc/cron.d/..., which turns "extension upload" into an arbitrary file write primitive, bounded only by where the marketplace process is allowed to write.

This is a classic supply-chain ingestion failure mode: any service that unpacks attacker-influenced archives (extensions, plugins, build artifacts) is one parsing bug away from arbitrary file writes and persistence on the host.
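To make the failure mode concrete, the following is an added example in Go (the language code-marketplace is written in); it is not code from the project, the CVE or the advisory. It builds a small VSIX-style archive in memory with one benign entry and one `../../` entry (constructed sample input), then extracts it twice: once with the vulnerable pattern the CVE describes (the entry name joined onto the base directory and used as-is) and once with a boundary check. The function names `buildMaliciousVSIX`, `unsafeTarget`, `safeTarget`, `extract` and `writeEntry`, and the directory layout under a temp dir, are this example's own choices.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// ErrZipSlip is returned when an archive entry would resolve outside the destination.
var ErrZipSlip = errors.New("zip entry escapes destination directory")

// buildMaliciousVSIX constructs an in-memory archive (a VSIX is a zip) with one benign
// entry and one traversal entry. Constructed sample input, not a real extension.
func buildMaliciousVSIX() []byte {
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	f, _ := w.Create("extension/package.json")
	f.Write([]byte(`{"name":"demo"}`))
	f, _ = w.Create("../../escaped.txt") // lands two levels above the extraction root
	f.Write([]byte("written outside the extension directory\n"))
	w.Close()
	return buf.Bytes()
}

// unsafeTarget is the vulnerable pattern: filepath.Join collapses "..", so the
// cleaned result can point anywhere the process is allowed to write.
func unsafeTarget(base, name string) (string, error) {
	return filepath.Join(base, name), nil
}

// safeTarget refuses any entry name that is not local to the extraction root:
// filepath.IsLocal (Go 1.20+) rejects empty, absolute and ".."-climbing names.
func safeTarget(base, name string) (string, error) {
	if !filepath.IsLocal(name) {
		return "", ErrZipSlip
	}
	return filepath.Join(base, name), nil
}

// extract unpacks archive under dest, resolving each entry with resolve, and returns
// the file paths it wrote (unsafeTarget: pre-2.4.2 behaviour; safeTarget: hardened).
func extract(archive []byte, dest string, resolve func(base, name string) (string, error)) ([]string, error) {
	r, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	// Under GODEBUG=zipinsecurepath=0 the stdlib flags non-local names but still returns a usable reader.
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) {
		return nil, err
	}
	var written []string
	for _, e := range r.File {
		target, err := resolve(dest, e.Name)
		if err != nil {
			return written, fmt.Errorf("entry %q: %w", e.Name, err)
		}
		if e.FileInfo().IsDir() {
			continue // directories are created on demand by writeEntry
		}
		if err := writeEntry(e, target); err != nil {
			return written, err
		}
		written = append(written, target)
	}
	return written, nil
}

// writeEntry copies one file entry to target, creating parent directories as needed.
func writeEntry(e *zip.File, target string) error {
	if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
		return err
	}
	rc, err := e.Open()
	if err != nil {
		return err
	}
	defer rc.Close()
	out, err := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o644)
	if err != nil {
		return err
	}
	defer out.Close()
	_, err = io.Copy(out, rc)
	return err
}

func main() {
	tmp := filepath.Join(os.TempDir(), "zipslip-demo") // demo sandbox; the escaping write stays inside it
	defer os.RemoveAll(tmp)
	vsix := buildMaliciousVSIX()
	files, err := extract(vsix, filepath.Join(tmp, "store", "ext"), unsafeTarget)
	fmt.Println("vulnerable extractor wrote:", files, err)
	_, err = extract(vsix, filepath.Join(tmp, "safe", "ext"), safeTarget)
	fmt.Println("patched extractor refused:", err)
}
```

Run it and the vulnerable pass reports a second path outside `store/ext`, while the hardened pass stops at the traversal entry after writing only `package.json`. On Go releases before 1.20, the equivalent boundary check is to join, then call `filepath.Rel(base, target)` and reject any result equal to `..` or starting with `../`. The example does not address two related hardening points an ingestion service also needs: symlink entries in the archive (which can redirect later writes outside the root even when every name is local) and bounding decompressed size.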

Who is impacted

  • Deployments running coder/code-marketplace versions < 2.4.2.
  • Environments that accept VSIX uploads (public or internal) where a malicious VSIX could be submitted and extracted by the marketplace.
  Item                Source value
  Affected product    coder/code-marketplace
  Affected versions   < 2.4.2
  Severity            CVSS v4.0 8.7 (High)
  Weakness            CWE-22 (Path Traversal / Zip Slip)

Note: there is an apparent mismatch between the CVE's CVSS v4.0 vector, which scores the issue as requiring no privileges (PR:N), and the GitHub advisory's described attack scenario, which assumes an "upload-capable role". Whether an unauthenticated user can reach the vulnerable extraction path therefore depends on how your deployment gates VSIX uploads; treat the score as deployment-dependent and validate your marketplace's upload/auth model before triaging.

What to do now

  • Upgrade to a fixed release (2.4.2 or later) following the vendor's remediation guidance. The CVE record states:

    "This vulnerability is fixed in 2.4.2."

  • Inventory where code-marketplace runs (clusters, container images, Helm charts, pinned module versions) and prioritize any instances reachable by untrusted users or integrated into developer self-service flows.
  • Assume arbitrary file writes may enable persistence depending on process privileges and writable paths:
    • review where the marketplace process runs (container hardening, filesystem permissions, read-only rootfs)
    • review logs/telemetry for unexpected extension uploads, and inspect stored VSIX files for entry names containing traversal sequences (..) or absolute paths
  • If compromise is suspected, rotate credentials accessible to the marketplace runtime and verify integrity of host/container filesystems (especially any paths writable by the marketplace process).

Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly; send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.
