CWE-59
AllowedImproper Link Resolution Before File Access ('Link Following')
Abstraction: Base · Status: Draft
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1987 vulnerabilities reference this CWE, most recent first.
GHSA-QJVR-7M59-JJ7M
Vulnerability from github – Published: 2022-05-02 00:05 – Updated: 2022-05-02 00:05gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.
{
"affected": [],
"aliases": [
"CVE-2008-3929"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-09-04T18:41:00Z",
"severity": "HIGH"
},
"details": "gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.",
"id": "GHSA-qjvr-7m59-jj7m",
"modified": "2022-05-02T00:05:05Z",
"published": "2022-05-02T00:05:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3929"
},
{
"type": "WEB",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44739"
},
{
"type": "WEB",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496369"
},
{
"type": "WEB",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/ampache"
},
{
"type": "WEB",
"url": "http://freshmeat.net/projects/ampache/releases/283935"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31657"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/33316"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200812-22.xml"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/30875"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QM7H-F635-H2R6
Vulnerability from github – Published: 2026-07-15 18:31 – Updated: 2026-07-15 21:31Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on Unix, allowing truncation/overwrite of the symlink target. The destructive effect is performed at open-time via O_TRUNC, and can happen before full input validation completes (“truncation-before-validation”).
{
"affected": [],
"aliases": [
"CVE-2026-61371"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-15T16:16:50Z",
"severity": "HIGH"
},
"details": "Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on Unix, allowing truncation/overwrite of the symlink target. The destructive effect is performed at open-time via O_TRUNC, and can happen before full input validation completes (\u201ctruncation-before-validation\u201d).",
"id": "GHSA-qm7h-f635-h2r6",
"modified": "2026-07-15T21:31:21Z",
"published": "2026-07-15T18:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-61371"
},
{
"type": "WEB",
"url": "https://github.com/microsoft/avml/pull/754"
},
{
"type": "WEB",
"url": "https://gist.github.com/thesmartshadow/2d099071f847de8db3dc4bbaf4dfa6df"
},
{
"type": "WEB",
"url": "https://github.com/microsoft/avml/releases/tag/v0.17.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QMGC-5H2G-MVRW
Vulnerability from github – Published: 2026-01-13 18:44 – Updated: 2026-01-13 18:44Vulnerability Summary
Title: Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
Affected Component: filelock package - SoftFileLock class
File: src/filelock/_soft.py lines 17-27
CWE: CWE-362, CWE-367, CWE-59
Description
A TOCTOU race condition vulnerability exists in the SoftFileLock implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition between the permission validation and file creation to cause lock operations to fail or behave unexpectedly.
The vulnerability occurs in the _acquire() method between raise_on_not_writable_file() (permission check) and os.open() (file creation). During this race window, an attacker can create a symlink at the lock file path, potentially causing the lock to operate on an unintended target file or leading to denial of service.
Attack Scenario
1. Lock attempts to acquire on /tmp/app.lock
2. Permission validation passes
3. [RACE WINDOW] - Attacker creates: ln -s /tmp/important.txt /tmp/app.lock
4. os.open() tries to create lock file
5. Lock operates on attacker-controlled target file or fails
Impact
What kind of vulnerability is it? Who is impacted?
This is a Time-of-Check-Time-of-Use (TOCTOU) race condition vulnerability affecting any application using SoftFileLock for inter-process synchronization.
Affected Users:
- Applications using filelock.SoftFileLock directly
- Applications using the fallback FileLock on systems without fcntl support (e.g., GraalPy)
Consequences: - Silent lock acquisition failure - applications may not detect that exclusive resource access is not guaranteed - Denial of Service - attacker can prevent lock file creation by maintaining symlink - Resource serialization failures - multiple processes may acquire "locks" simultaneously - Unintended file operations - lock could operate on attacker-controlled files
CVSS v4.0 Score: 5.6 (Medium) Vector: CVSS:4.0/AV:L/AT:L/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
Attack Requirements: - Local filesystem access to the directory containing lock files - Permission to create symlinks (standard for regular unprivileged users on Unix/Linux) - Ability to time the symlink creation during the narrow race window
Patches
Has the problem been patched? What versions should users upgrade to?
Yes, the vulnerability has been patched by adding the O_NOFOLLOW flag to prevent symlink following during lock file creation.
Patched Version: Next release (commit: 255ed068bc85d1ef406e50a135e1459170dd1bf0)
Mitigation Details:
- The O_NOFOLLOW flag is added conditionally and gracefully degrades on platforms without support
- On platforms with O_NOFOLLOW support (most modern systems): symlink attacks are completely prevented
- On platforms without O_NOFOLLOW (e.g., GraalPy): TOCTOU window remains but is documented
Users should:
- Upgrade to the patched version when available
- For critical deployments, consider using UnixFileLock or WindowsFileLock instead of the fallback SoftFileLock
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
For users unable to update immediately:
-
Avoid
SoftFileLockin security-sensitive contexts - useUnixFileLockorWindowsFileLockwhen available (these were already patched for CVE-2025-68146) -
Restrict filesystem permissions - prevent untrusted users from creating symlinks in lock file directories:
bash chmod 700 /path/to/lock/directory -
Use process isolation - isolate untrusted code from lock file paths to prevent symlink creation
-
Monitor lock operations - implement application-level checks to verify lock acquisitions are successful before proceeding with critical operations
References
Are there any links users can visit to find out more?
- Similar Vulnerability: CVE-2025-68146 (TOCTOU vulnerability in UnixFileLock/WindowsFileLock)
- CWE-362 (Concurrent Execution using Shared Resource): https://cwe.mitre.org/data/definitions/362.html
- CWE-367 (Time-of-check Time-of-use Race Condition): https://cwe.mitre.org/data/definitions/367.html
- CWE-59 (Improper Link Resolution Before File Access): https://cwe.mitre.org/data/definitions/59.html
- O_NOFOLLOW documentation: https://man7.org/linux/man-pages/man2/open.2.html
- GitHub Repository: https://github.com/tox-dev/filelock
Reported by: George Tsigourakos (@tsigouris007)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "filelock"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.20.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-22701"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-367",
"CWE-59"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-13T18:44:55Z",
"nvd_published_at": "2026-01-10T06:15:52Z",
"severity": "MODERATE"
},
"details": "## Vulnerability Summary\n\n**Title:** Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock\n\n**Affected Component:** `filelock` package - `SoftFileLock` class\n**File:** `src/filelock/_soft.py` lines 17-27\n**CWE:** CWE-362, CWE-367, CWE-59\n\n---\n\n## Description\n\nA TOCTOU race condition vulnerability exists in the `SoftFileLock` implementation of the filelock package. An attacker with local filesystem access and permission to create symlinks can exploit a race condition between the permission validation and file creation to cause lock operations to fail or behave unexpectedly.\n\nThe vulnerability occurs in the `_acquire()` method between `raise_on_not_writable_file()` (permission check) and `os.open()` (file creation). During this race window, an attacker can create a symlink at the lock file path, potentially causing the lock to operate on an unintended target file or leading to denial of service.\n\n### Attack Scenario\n\n```\n1. Lock attempts to acquire on /tmp/app.lock\n2. Permission validation passes\n3. [RACE WINDOW] - Attacker creates: ln -s /tmp/important.txt /tmp/app.lock\n4. os.open() tries to create lock file\n5. Lock operates on attacker-controlled target file or fails\n```\n\n---\n\n## Impact\n\n_What kind of vulnerability is it? Who is impacted?_\n\nThis is a **Time-of-Check-Time-of-Use (TOCTOU) race condition vulnerability** affecting any application using `SoftFileLock` for inter-process synchronization.\n\n**Affected Users:**\n- Applications using `filelock.SoftFileLock` directly\n- Applications using the fallback `FileLock` on systems without `fcntl` support (e.g., GraalPy)\n\n**Consequences:**\n- **Silent lock acquisition failure** - applications may not detect that exclusive resource access is not guaranteed\n- **Denial of Service** - attacker can prevent lock file creation by maintaining symlink\n- **Resource serialization failures** - multiple processes may acquire \"locks\" simultaneously\n- **Unintended file operations** - lock could operate on attacker-controlled files\n\n**CVSS v4.0 Score:** 5.6 (Medium)\n**Vector:** CVSS:4.0/AV:L/AT:L/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N\n\n**Attack Requirements:**\n- Local filesystem access to the directory containing lock files\n- Permission to create symlinks (standard for regular unprivileged users on Unix/Linux)\n- Ability to time the symlink creation during the narrow race window\n\n---\n\n## Patches\n\n_Has the problem been patched? What versions should users upgrade to?_\n\nYes, the vulnerability has been patched by adding the `O_NOFOLLOW` flag to prevent symlink following during lock file creation.\n\n**Patched Version:** Next release (commit: 255ed068bc85d1ef406e50a135e1459170dd1bf0)\n\n**Mitigation Details:**\n- The `O_NOFOLLOW` flag is added conditionally and gracefully degrades on platforms without support\n- On platforms with `O_NOFOLLOW` support (most modern systems): symlink attacks are completely prevented\n- On platforms without `O_NOFOLLOW` (e.g., GraalPy): TOCTOU window remains but is documented\n\n**Users should:**\n- Upgrade to the patched version when available\n- For critical deployments, consider using `UnixFileLock` or `WindowsFileLock` instead of the fallback `SoftFileLock`\n\n---\n\n## Workarounds\n\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_\n\nFor users unable to update immediately:\n\n1. **Avoid `SoftFileLock` in security-sensitive contexts** - use `UnixFileLock` or `WindowsFileLock` when available (these were already patched for CVE-2025-68146)\n\n2. **Restrict filesystem permissions** - prevent untrusted users from creating symlinks in lock file directories:\n ```bash\n chmod 700 /path/to/lock/directory\n ```\n\n3. **Use process isolation** - isolate untrusted code from lock file paths to prevent symlink creation\n\n4. **Monitor lock operations** - implement application-level checks to verify lock acquisitions are successful before proceeding with critical operations\n\n---\n\n## References\n\n_Are there any links users can visit to find out more?_\n\n- **Similar Vulnerability:** CVE-2025-68146 (TOCTOU vulnerability in UnixFileLock/WindowsFileLock)\n- **CWE-362 (Concurrent Execution using Shared Resource):** https://cwe.mitre.org/data/definitions/362.html\n- **CWE-367 (Time-of-check Time-of-use Race Condition):** https://cwe.mitre.org/data/definitions/367.html\n- **CWE-59 (Improper Link Resolution Before File Access):** https://cwe.mitre.org/data/definitions/59.html\n- **O_NOFOLLOW documentation:** https://man7.org/linux/man-pages/man2/open.2.html\n- **GitHub Repository:** https://github.com/tox-dev/filelock\n\n---\n\n**Reported by:** George Tsigourakos (@tsigouris007)",
"id": "GHSA-qmgc-5h2g-mvrw",
"modified": "2026-01-13T18:44:55Z",
"published": "2026-01-13T18:44:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tox-dev/filelock/security/advisories/GHSA-qmgc-5h2g-mvrw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22701"
},
{
"type": "WEB",
"url": "https://github.com/tox-dev/filelock/commit/255ed068bc85d1ef406e50a135e1459170dd1bf0"
},
{
"type": "WEB",
"url": "https://github.com/tox-dev/filelock/commit/41b42dd2c72aecf7da83dbda5903b8087dddc4d5"
},
{
"type": "PACKAGE",
"url": "https://github.com/tox-dev/filelock"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
],
"summary": "filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock"
}
GHSA-QMMC-JPPF-32WV
Vulnerability from github – Published: 2022-02-15 00:41 – Updated: 2021-05-20 21:02Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/docker/docker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-9358"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-20T21:02:14Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) \"docker load\" operation or (2) \"registry communications.\"",
"id": "GHSA-qmmc-jppf-32wv",
"modified": "2021-05-20T21:02:14Z",
"published": "2022-02-15T00:41:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9358"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2014-9358"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!msg/docker-user/nFAz-B-n4Bw/0wr3wvLsnUwJ"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21msg/docker-user/nFAz-B-n4Bw/0wr3wvLsnUwJ"
},
{
"type": "WEB",
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9358"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/534215/100/0/threaded"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Directory Traversal in Docker"
}
GHSA-QPCR-J696-V456
Vulnerability from github – Published: 2022-05-24 17:06 – Updated: 2023-02-02 21:34The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file.
{
"affected": [],
"aliases": [
"CVE-2015-1869"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-14T18:15:00Z",
"severity": "HIGH"
},
"details": "The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file.",
"id": "GHSA-qpcr-j696-v456",
"modified": "2023-02-02T21:34:01Z",
"published": "2022-05-24T17:06:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1869"
},
{
"type": "WEB",
"url": "https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca"
},
{
"type": "WEB",
"url": "https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:1083"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:1210"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2015-1869"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212861"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/04/17/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QQ3R-W4HJ-GJP6
Vulnerability from github – Published: 2026-05-04 21:26 – Updated: 2026-05-13 13:42Impact
A crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same or later archive could traverse that symlink to reach host paths the build user could write to. The root cause was the sanitizePath helper in pkg/apk/fs/rwosfs.go, which rejected only lexical .. traversal and did not resolve or refuse symlinks. Every disk-backed DirFS method that handed its caller-supplied path to a symlink-following stdlib call — ReadFile, WriteFile, Chmod, Chown, Chtimes, MkdirAll, Mkdir, and Mknod — was affected. The reachable primitive from a malicious APK during tar extraction is the MkdirAll / Mkdir / WriteFile chain via apko build-cpio and disk-backed consumers such as melange; the remaining sinks are reachable by direct callers of the pkg/apk/fs package. The in-memory tarfs install path used by apko build, apko publish, and apko build-minirootfs is not affected.
Patches
Fixed in apko v1.2.5 by #2187 / commit f5a96e1, which scopes all DirFS operations through a Go 1.24 *os.Root. The sanitizePath helper has been removed; *os.Root refuses traversal via .., absolute-target symlinks, relative-target symlinks, and hardlinks by construction. Regression tests in pkg/apk/apk/path_traversal_test.go cover each composite primitive.
Workarounds
No complete workaround. Operators running pre-1.2.5 apko (or downstream tools such as melange that embed pre-1.2.5 pkg/apk/fs) should upgrade. Consuming only APKs from trusted, signed sources reduces but does not eliminate exposure.
Resources
- https://github.com/chainguard-dev/apko/pull/2187
- https://github.com/chainguard-dev/apko/commit/f5a96e1299ac81c7ea9441705ec467688086f442
- https://github.com/chainguard-dev/apko/releases/tag/v1.2.5
- Related: GHSA-5g94-c2wx-8pxw (CVE-2026-25121) — prior lexical
..traversal fix
Credits
apko thanks Oleh Konko (@1seal from 1seal.org) for the initial report of the symlink-escape class, and to @Xh081iX for a follow-up set of reports covering additional reachable primitives (ReadFile, Chmod/Chown, Mknod, MkdirAll/Mkdir) that shaped the comprehensive fix.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "chainguard.dev/apko"
},
"ranges": [
{
"events": [
{
"introduced": "0.14.8"
},
{
"fixed": "1.2.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42574"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-59"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-04T21:26:47Z",
"nvd_published_at": "2026-05-09T20:16:29Z",
"severity": "HIGH"
},
"details": "### Impact\n\nA crafted `.apk` could install a `TypeSymlink` tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same or later archive could traverse that symlink to reach host paths the build user could write to. The root cause was the `sanitizePath` helper in `pkg/apk/fs/rwosfs.go`, which rejected only lexical `..` traversal and did not resolve or refuse symlinks. Every disk-backed `DirFS` method that handed its caller-supplied path to a symlink-following stdlib call \u2014 `ReadFile`, `WriteFile`, `Chmod`, `Chown`, `Chtimes`, `MkdirAll`, `Mkdir`, and `Mknod` \u2014 was affected. The reachable primitive from a malicious APK during tar extraction is the `MkdirAll` / `Mkdir` / `WriteFile` chain via `apko build-cpio` and disk-backed consumers such as `melange`; the remaining sinks are reachable by direct callers of the `pkg/apk/fs` package. The in-memory `tarfs` install path used by `apko build`, `apko publish`, and `apko build-minirootfs` is not affected.\n\n### Patches\n\nFixed in apko **v1.2.5** by [#2187](https://github.com/chainguard-dev/apko/pull/2187) / commit [f5a96e1](https://github.com/chainguard-dev/apko/commit/f5a96e1299ac81c7ea9441705ec467688086f442), which scopes all `DirFS` operations through a Go 1.24 `*os.Root`. The `sanitizePath` helper has been removed; `*os.Root` refuses traversal via `..`, absolute-target symlinks, relative-target symlinks, and hardlinks by construction. Regression tests in `pkg/apk/apk/path_traversal_test.go` cover each composite primitive.\n\n### Workarounds\n\nNo complete workaround. Operators running pre-1.2.5 apko (or downstream tools such as melange that embed pre-1.2.5 `pkg/apk/fs`) should upgrade. Consuming only APKs from trusted, signed sources reduces but does not eliminate exposure.\n\n### Resources\n\n- https://github.com/chainguard-dev/apko/pull/2187\n- https://github.com/chainguard-dev/apko/commit/f5a96e1299ac81c7ea9441705ec467688086f442\n- https://github.com/chainguard-dev/apko/releases/tag/v1.2.5\n- Related: GHSA-5g94-c2wx-8pxw (CVE-2026-25121) \u2014 prior lexical `..` traversal fix\n\n### Credits\n\napko thanks Oleh Konko ([@1seal](https://github.com/1seal) from [1seal.org](https://1seal.org/)) for the initial report of the symlink-escape class, and to [@Xh081iX](https://github.com/Xh081iX) for a follow-up set of reports covering additional reachable primitives (`ReadFile`, `Chmod`/`Chown`, `Mknod`, `MkdirAll`/`Mkdir`) that shaped the comprehensive fix.",
"id": "GHSA-qq3r-w4hj-gjp6",
"modified": "2026-05-13T13:42:42Z",
"published": "2026-05-04T21:26:47Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-qq3r-w4hj-gjp6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42574"
},
{
"type": "WEB",
"url": "https://github.com/chainguard-dev/apko/pull/2187"
},
{
"type": "WEB",
"url": "https://github.com/chainguard-dev/apko/commit/f5a96e1299ac81c7ea9441705ec467688086f442"
},
{
"type": "PACKAGE",
"url": "https://github.com/chainguard-dev/apko"
},
{
"type": "WEB",
"url": "https://github.com/chainguard-dev/apko/releases/tag/v1.2.5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root"
}
GHSA-QQ7H-M7F5-5CH5
Vulnerability from github – Published: 2022-05-17 03:52 – Updated: 2022-05-17 03:52lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
{
"affected": [],
"aliases": [
"CVE-2014-3424"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-05-08T10:55:00Z",
"severity": "LOW"
},
"details": "lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.",
"id": "GHSA-qq7h-m7f5-5ch5",
"modified": "2022-05-17T03:52:14Z",
"published": "2022-05-17T03:52:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3424"
},
{
"type": "WEB",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"type": "WEB",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"type": "WEB",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QQ89-HQ3F-393P
Vulnerability from github – Published: 2021-08-31 16:05 – Updated: 2021-08-31 16:02Impact
Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution
node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created.
This logic was insufficient when extracting tar files that contained two directories and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 "short path" counterparts. A specially crafted tar archive could thus include directories with two forms of the path that resolve to the same file system entity, followed by a symbolic link with a name in the first form, lastly followed by a file using the second form. It led to bypassing node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite.
The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available below.
Patches
6.1.9 || 5.0.10 || 4.4.18
Workarounds
Users may work around this vulnerability without upgrading by creating a custom filter method which prevents the extraction of symbolic links.
const tar = require('tar')
tar.x({
file: 'archive.tgz',
filter: (file, entry) => {
if (entry.type === 'SymbolicLink') {
return false
} else {
return true
}
}
})
Users are encouraged to upgrade to the latest patched versions, rather than attempt to sanitize tar input themselves.
Fix
The problem is addressed in the following ways, when comparing paths in the directory cache and path reservation systems:
- The
String.normalize('NFKD')method is used to first normalize all unicode to its maximally compatible and multi-code-point form. - All slashes are normalized to
/on Windows systems (on posix systems,\is a valid filename character, and thus left intact). - When a symbolic link is encountered on Windows systems, the entire directory cache is cleared. Collisions related to use of 8.3 short names to replace directories with other (non-symlink) types of entries may make archives fail to extract properly, but will not result in arbitrary file writes.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "tar"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "4.4.18"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "tar"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "tar"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.1.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-37712"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-59"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-31T16:02:04Z",
"nvd_published_at": "2021-08-31T17:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nArbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution\n\nnode-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created.\n\nThis logic was insufficient when extracting tar files that contained two directories and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 \"short path\" counterparts. A specially crafted tar archive could thus include directories with two forms of the path that resolve to the same file system entity, followed by a symbolic link with a name in the first form, lastly followed by a file using the second form. It led to bypassing node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite.\n\nThe v3 branch of `node-tar` has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of `node-tar`. If this is not possible, a workaround is available below.\n\n### Patches\n\n6.1.9 || 5.0.10 || 4.4.18\n\n### Workarounds\n\nUsers may work around this vulnerability without upgrading by creating a custom filter method which prevents the extraction of symbolic links.\n\n```js\nconst tar = require(\u0027tar\u0027)\n\ntar.x({\n file: \u0027archive.tgz\u0027,\n filter: (file, entry) =\u003e {\n if (entry.type === \u0027SymbolicLink\u0027) {\n return false\n } else {\n return true\n }\n }\n})\n```\n\nUsers are encouraged to upgrade to the latest patched versions, rather than attempt to sanitize tar input themselves.\n\n#### Fix\n\nThe problem is addressed in the following ways, when comparing paths in the directory cache and path reservation systems:\n\n1. The `String.normalize(\u0027NFKD\u0027)` method is used to first normalize all unicode to its maximally compatible and multi-code-point form.\n2. All slashes are normalized to `/` on Windows systems (on posix systems, `\\` is a valid filename character, and thus left intact).\n3. When a symbolic link is encountered on Windows systems, the entire directory cache is cleared. Collisions related to use of 8.3 short names to replace directories with other (non-symlink) types of entries may make archives fail to extract properly, but will not result in arbitrary file writes.\n",
"id": "GHSA-qq89-hq3f-393p",
"modified": "2021-08-31T16:02:04Z",
"published": "2021-08-31T16:05:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712"
},
{
"type": "WEB",
"url": "https://github.com/isaacs/node-tar/commit/1739408d3122af897caefd09662bce2ea477533b"
},
{
"type": "WEB",
"url": "https://github.com/isaacs/node-tar/commit/2f1bca027286c23e110b8dfc7efc10756fa3db5a"
},
{
"type": "WEB",
"url": "https://github.com/isaacs/node-tar/commit/3aaf19b2501bbddb145d92b3322c80dcaed3c35f"
},
{
"type": "WEB",
"url": "https://github.com/isaacs/node-tar/commit/b6162c7fafe797f856564ef37f4b82747f051455"
},
{
"type": "WEB",
"url": "https://github.com/isaacs/node-tar/commit/bb93ba243746f705092905da1955ac3b0509ba1e"
},
{
"type": "WEB",
"url": "https://github.com/isaacs/node-tar/commit/d56f790bda9fea807dd80c5083f24771dbdd6eb1"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"type": "PACKAGE",
"url": "https://github.com/npm/node-tar"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-5008"
},
{
"type": "WEB",
"url": "https://www.npmjs.com/package/tar"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links"
}
GHSA-QQH7-C6G3-7CGG
Vulnerability from github – Published: 2022-05-17 01:44 – Updated: 2022-05-17 01:44IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.
{
"affected": [],
"aliases": [
"CVE-2012-3329"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-12-19T11:55:00Z",
"severity": "LOW"
},
"details": "IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file.",
"id": "GHSA-qqh7-c6g3-7cgg",
"modified": "2022-05-17T01:44:04Z",
"published": "2022-05-17T01:44:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3329"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78044"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5092090"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QQM3-6F5J-2J3H
Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-24 00:00A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.
{
"affected": [],
"aliases": [
"CVE-2022-1256"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-14T15:15:00Z",
"severity": "HIGH"
},
"details": "A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user\u0027s %TEMP% directory with System privileges through manipulation of symbolic links.",
"id": "GHSA-qqm3-6f5j-2j3h",
"modified": "2022-04-24T00:00:38Z",
"published": "2022-04-15T00:00:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1256"
},
{
"type": "WEB",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-48.1
Strategy: Separation of Privilege
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack
An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.