CVE-2026-25121 is a relative path traversal vulnerability classified under CWE-23 affecting the chainguard-dev apko tool, which is used to build and publish OCI container images from apk packages. The vulnerability exists in versions from 0.14.8 up to but not including 1.1.1, specifically within the dirFS filesystem abstraction layer. The issue arises because the MkdirAll, Mkdir, and Symlink methods in the pkg/apk/fs/rwosfs.go file use filepath.Join() to construct paths without validating that the resulting paths remain within the intended base directory. An attacker who can supply a malicious APK package—potentially via a compromised or typosquatted repository—can exploit this flaw to create directories or symbolic links outside the designated installation root. This can lead to unauthorized file system modifications during the container image build process, potentially injecting malicious files or overwriting critical files outside the container context. The vulnerability does not require any privileges or user interaction to exploit, making it remotely exploitable if the attacker can influence the APK package source. The flaw has been addressed and patched in apko version 1.1.1, which includes proper path validation to prevent directory traversal. The CVSS v3.1 score is 7.5 (high), reflecting the network attack vector, low attack complexity, no privileges required, no user interaction, and impact on integrity without affecting confidentiality or availability. No known exploits are reported in the wild as of the publication date.

For European organizations, this vulnerability poses a significant risk to the integrity of container images built using vulnerable apko versions. Attackers could inject malicious files or alter build artifacts by exploiting path traversal, potentially leading to compromised container images deployed in production environments. This undermines the software supply chain security, a critical concern in Europe due to stringent regulatory frameworks like the EU Cybersecurity Act and NIS Directive. Organizations relying on apko for container builds, especially those integrating third-party APK packages from less trusted or typosquatted repositories, face increased exposure. The impact is heightened in sectors with high container adoption such as finance, manufacturing, and critical infrastructure, where container integrity is paramount. While confidentiality and availability are not directly impacted, the integrity breach could facilitate further attacks, including privilege escalation or persistent backdoors within containerized applications.

The primary mitigation is to upgrade all instances of apko to version 1.1.1 or later, where the path traversal vulnerability has been patched with proper path validation. Organizations should implement strict validation and verification of APK package sources, employing cryptographic signatures and trusted repositories to prevent supply chain compromise. Container build pipelines should incorporate scanning tools to detect anomalous filesystem operations or unexpected symlink creations during image builds. Employing runtime security monitoring for containers can help detect suspicious behavior stemming from compromised images. Additionally, adopting a zero-trust approach to supply chain components and enforcing least privilege for build environments reduces the attack surface. Regular security audits and dependency updates are essential to maintain resilience against similar vulnerabilities.