CVE-2026-24846

{"id": "CVE-2026-24846", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-24846", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-29T21:35:11.721178Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.3}]}, "affected": [{"source": "security-advisories@github.com", "affectedData": [{"vendor": "chainguard-dev", "product": "malcontent", "versions": [{"status": "affected", "version": ">= 1.8.0, < 1.20.3"}]}]}], "published": "2026-01-29T22:15:54.740", "references": [{"url": "https://github.com/chainguard-dev/malcontent/commit/259fca5abc004f3ab238895463ef280a87f30e96", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/chainguard-dev/malcontent/commit/a7dd8a5328ddbaf235568437813efa7591e00017", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/chainguard-dev/malcontent/security/advisories/GHSA-923j-vrcg-hxwh", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-683"}]}], "descriptions": [{"lang": "en", "value": "malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 1.8.0 and prior to version 1.20.3, malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or deb archive. The `handleSymlink` function received arguments in the wrong order, causing the symlink target to be used as the symlink location. Additionally, symlink targets were not validated to ensure they resolved within the extraction directory. Version 1.20.3 introduces fixes that swap handleSymlink arguments, validate symlink location, and validate symlink targets that resolve within an extraction directory."}, {"lang": "es", "value": "malcontent descubre compromisos en la cadena de suministro a trav\u00e9s de contexto, an\u00e1lisis diferencial y YARA. A partir de la versi\u00f3n 1.8.0 y antes de la versi\u00f3n 1.20.3, se pod\u00eda hacer que malcontent creara enlaces simb\u00f3licos fuera del directorio de extracci\u00f3n previsto al escanear un archivo tar o deb especialmente dise\u00f1ado. La funci\u00f3n 'handleSymlink' recibi\u00f3 argumentos en el orden incorrecto, lo que provocaba que el destino del enlace simb\u00f3lico se utilizara como la ubicaci\u00f3n del enlace simb\u00f3lico. Adem\u00e1s, los destinos de los enlaces simb\u00f3licos no se validaban para asegurar que se resolvieran dentro del directorio de extracci\u00f3n. La versi\u00f3n 1.20.3 introduce correcciones que intercambian los argumentos de 'handleSymlink', validan la ubicaci\u00f3n del enlace simb\u00f3lico y validan los destinos de los enlaces simb\u00f3licos que se resuelven dentro de un directorio de extracci\u00f3n."}], "lastModified": "2026-06-17T10:23:41.710", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:chainguard:malcontent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07A5D3A2-09F1-44A0-AF84-E943CF3DC18C", "versionEndExcluding": "1.20.3", "versionStartIncluding": "1.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}