CVE-2026-42795 PUBLISHED

Symlink Following in Hex Package Export Allows Embedding Files Outside Project Root

Assigner: EEF
Reserved: 29.04.2026 Published: 02.06.2026 Updated: 02.06.2026

Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball.

The file collection helpers (gleam_files, native_files, private_files) in compiler-cli/src/fs.rs use follow_links(true) when walking publishable directories such as src/ and priv/. The collected paths are added to the package archive via add_path_to_tar in compiler-cli/src/publish.rs without verifying that the resolved target remains within the project root. A symlink placed under a publishable directory will cause gleam export hex-tarball or gleam publish to embed the contents of the symlink target into the generated Hex package.

An attacker with write access to the project repository can place a symlink in src/ or priv/ pointing to an arbitrary file. When a maintainer or CI pipeline runs gleam publish or gleam export hex-tarball, local files readable by the publisher (such as secrets, tokens, or SSH keys) are silently embedded into the published package artifact.

This issue affects Gleam from 0.10.0-rc1 until 1.17.0.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 5.1

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	High	Confidentiality	None
Attack Complexity	Low	Integrity	None	Integrity	None
Attack Requirements	None	Availability	None	Availability	None
Privileges Required	Low
User Interaction	Active

CVSS 4.0

Product Status

Vendor	Gleam
Product	Gleam
Versions	Default: unaffected affected from 0.10.0-rc1 to 1.17.0 (excl.)

Vendor	Gleam
Product	Gleam
Versions	Default: unaffected affected from 0.10.0-rc1 to 1.17.0 (excl.) affected from c82a2d83bd0c06cafdc196820deb3f89a9b3ff7c to 6435a5528b9ae0449e2f32be579641ec485f6866 (excl.)

Vendor	Gleam
Product	Gleam
Versions	Default: unaffected affected from v0.10.0-rc1-elixir to v1.17.0-elixir (excl.) affected from v0.10.0-rc1-erlang to v1.17.0-erlang (excl.) affected from v0.10.0-rc1-node to v1.17.0-node (excl.) affected from v0.10.0-rc1-node-slim to v1.17.0-node-slim (excl.) affected from v0.10.0-rc1-elixir-slim to v1.17.0-elixir-slim (excl.) affected from v0.10.0-rc1-erlang-slim to v1.17.0-erlang-slim (excl.) affected from v0.10.0-rc1-erlang-alpine to v1.17.0-erlang-alpine (excl.) affected from v0.10.0-rc1-elixir-alpine to v1.17.0-elixir-alpine (excl.) affected from v0.10.0-rc1-node-alpine to v1.17.0-node-alpine (excl.) affected from v0.10.0-rc1-scratch to v1.17.0-scratch (excl.)

Workarounds

Avoid running gleam publish or gleam export hex-tarball on untrusted projects
Review the contents of src/ and priv/ for unexpected symlinks before publishing
Run publishing commands in a restricted or isolated environment (e.g. containers)

Credits

Aly (spect3r1) finder
Abdelrahman Ahmed Aboelkasem (0x2face) finder
Louis Pilfold remediation developer
Jonatan Männchen / EEF analyst

References

Problem Types

CWE-59 Improper Link Resolution Before File Access ('Link Following') CWE

Impacts

CAPEC-132 Symlink Attack