CVE-2026-42795
Symlink Following in Hex Package Export Allows Embedding Files Outside Project Root
Weakness Type (CWE)
CWE-59 — CWE-59 Improper Link Resolution Before File Access ('Link Following')
CAPEC
Vulnerability description
Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball.
The file collection helpers (gleam_files, native_files, private_files) in compiler-cli/src/fs.rs use follow_links(true) when walking publishable directories such as src/ and priv/. The collected paths are added to the package archive via add_path_to_tar in compiler-cli/src/publish.rs without verifying that the resolved target remains within the project root. A symlink placed under a publishable directory will cause gleam export hex-tarball or gleam publish to embed the contents of the symlink target into the generated Hex package.
An attacker with write access to the project repository can place a symlink in src/ or priv/ pointing to an arbitrary file. When a maintainer or CI pipeline runs gleam publish or gleam export hex-tarball, local files readable by the publisher (such as secrets, tokens, or SSH keys) are silently embedded into the published package artifact.
This issue affects Gleam from 0.10.0-rc1 until 1.17.0.
Affected
pkg:sid/gleam.run/gleam
| Module | Source File | Routine |
|---|---|---|
compiler-cli
|
compiler-cli/src/fs.rs
|
compiler_cli::fs::gleam_files
|
compiler-cli/src/publish.rs
|
compiler_cli::fs::native_files
|
|
compiler_cli::fs::private_files
|
||
compiler_cli::publish::project_files
|
||
compiler_cli::publish::add_path_to_tar
|
| Status | Type | Version | Changes / Fixed in |
|---|---|---|---|
| affected | semver ⓘ | 0.10.0-rc1
|
< 1.17.0
|
pkg:github/gleam-lang/gleam
| Module | Source File | Routine |
|---|---|---|
compiler-cli
|
compiler-cli/src/fs.rs
|
compiler_cli::fs::gleam_files
|
compiler-cli/src/publish.rs
|
compiler_cli::fs::native_files
|
|
compiler_cli::fs::private_files
|
||
compiler_cli::publish::project_files
|
||
compiler_cli::publish::add_path_to_tar
|
| Status | Type | Version | Changes / Fixed in |
|---|---|---|---|
| affected | semver ⓘ | 0.10.0-rc1
|
< 1.17.0
|
| affected | git ⓘ | c82a2d83bd
|
< 6435a5528b
|
pkg:oci/gleam
| Module | Source File | Routine |
|---|---|---|
compiler-cli
|
compiler-cli/src/fs.rs
|
compiler_cli::fs::gleam_files
|
compiler-cli/src/publish.rs
|
compiler_cli::fs::native_files
|
|
compiler_cli::fs::private_files
|
||
compiler_cli::publish::project_files
|
||
compiler_cli::publish::add_path_to_tar
|
| Status | Type | Version | Changes / Fixed in |
|---|---|---|---|
| affected | other | v0.10.0-rc1-elixir
|
< v1.17.0-elixir
|
| affected | other | v0.10.0-rc1-erlang
|
< v1.17.0-erlang
|
| affected | other | v0.10.0-rc1-node
|
< v1.17.0-node
|
| affected | other | v0.10.0-rc1-node-slim
|
< v1.17.0-node-slim
|
| affected | other | v0.10.0-rc1-elixir-slim
|
< v1.17.0-elixir-slim
|
| affected | other | v0.10.0-rc1-erlang-slim
|
< v1.17.0-erlang-slim
|
| affected | other | v0.10.0-rc1-erlang-alpine
|
< v1.17.0-erlang-alpine
|
| affected | other | v0.10.0-rc1-elixir-alpine
|
< v1.17.0-elixir-alpine
|
| affected | other | v0.10.0-rc1-node-alpine
|
< v1.17.0-node-alpine
|
| affected | other | v0.10.0-rc1-scratch
|
< v1.17.0-scratch
|
Workarounds
- Avoid running gleam publish or gleam export hex-tarball on untrusted projects
- Review the contents of src/ and priv/ for unexpected symlinks before publishing
- Run publishing commands in a restricted or isolated environment (e.g. containers)
References
- https://github.com/gleam-lang/gleam/security/advisories/GHSA-qhh5-fg4c-8gqc vendor-advisory related
- https://osv.dev/vulnerability/EEF-CVE-2026-42795 related
- https://github.com/gleam-lang/gleam/commit/6435a5528b9ae0449e2f32be579641ec485f6866 patch
Credits
- Finder: Aly (spect3r1)
- Finder: Abdelrahman Ahmed Aboelkasem (0x2face)
- Remediation developer: Louis Pilfold
- Analyst: Jonatan Männchen / EEF
CVE record as JSON:
GET /cves/CVE-2026-42795.json
OSV record as JSON:
GET /osv/EEF-CVE-2026-42795.json