CVE-2026-42795

Summary

Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball.

The file collection helpers (gleam_files, native_files, private_files) in compiler-cli/src/fs.rs use follow_links(true) when walking publishable directories such as src/ and priv/. The collected paths are added to the package archive via add_path_to_tar in compiler-cli/src/publish.rs without verifying that the resolved target remains within the project root. A symlink placed under a publishable directory will cause gleam export hex-tarball or gleam publish to embed the contents of the symlink target into the generated Hex package.

An attacker with write access to the project repository can place a symlink in src/ or priv/ pointing to an arbitrary file. When a maintainer or CI pipeline runs gleam publish or gleam export hex-tarball, local files readable by the publisher (such as secrets, tokens, or SSH keys) are silently embedded into the published package artifact.

This issue affects Gleam from 0.10.0-rc1 until 1.17.0.

Affected Software

VendorProductVersion RangeStatus
GleamGleam0.10.0-rc1 < 1.17.0affected
GleamGleam0.10.0-rc1 < 1.17.0affected
GleamGleamc82a2d83bd0c06cafdc196820deb3f89a9b3ff7c < 6435a5528b9ae0449e2f32be579641ec485f6866affected
GleamGleamv0.10.0-rc1-elixir < v1.17.0-elixiraffected
GleamGleamv0.10.0-rc1-erlang < v1.17.0-erlangaffected
GleamGleamv0.10.0-rc1-node < v1.17.0-nodeaffected
GleamGleamv0.10.0-rc1-node-slim < v1.17.0-node-slimaffected
GleamGleamv0.10.0-rc1-elixir-slim < v1.17.0-elixir-slimaffected
GleamGleamv0.10.0-rc1-erlang-slim < v1.17.0-erlang-slimaffected
GleamGleamv0.10.0-rc1-erlang-alpine < v1.17.0-erlang-alpineaffected
GleamGleamv0.10.0-rc1-elixir-alpine < v1.17.0-elixir-alpineaffected
GleamGleamv0.10.0-rc1-node-alpine < v1.17.0-node-alpineaffected
GleamGleamv0.10.0-rc1-scratch < v1.17.0-scratchaffected

Weaknesses

  • CWE-59: CWE-59 Improper Link Resolution Before File Access ('Link Following')

Workarounds

  • Avoid running gleam publish or gleam export hex-tarball on untrusted projects
  • Review the contents of src/ and priv/ for unexpected symlinks before publishing
  • Run publishing commands in a restricted or isolated environment (e.g. containers)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References