CVE-2026-50162 in oras-go
Summary
by MITRE • 07/17/2026
oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, resolveWritePath() in content/file/file.go uses a lexical filepath.Rel check for workingDir and does not account for symlink traversal, so when AllowPathTraversalOnWrite=false an attacker-controlled blob title through ocispec.AnnotationTitle such as out/pwn.txt can follow a workingDir symlink out -> /some/outside/dir and cause pushFile() to create /some/outside/dir/pwn.txt outside workingDir. This issue is fixed in version 2.6.1.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 07/17/2026
The oras-go library presents a critical path traversal vulnerability that affects versions prior to 2.6.1 through improper handling of symbolic links during artifact write operations. This flaw exists within the resolveWritePath() function located in content/file/file.go, where the implementation relies on a lexical filepath.Rel check between the working directory and target paths without adequate consideration for symbolic link resolution. The vulnerability specifically manifests when AllowPathTraversalOnWrite is set to false, which should normally prevent writing files outside the designated working directory boundaries.
The technical exploitation occurs through manipulation of ocispec.AnnotationTitle fields within attacker-controlled blob metadata. When an attacker provides a malicious file path such as "out/pwn.txt" where "out" represents a symbolic link pointing outside the working directory to "/some/outside/dir", the library fails to properly resolve this symlink traversal. This allows the pushFile() function to create files at arbitrary locations outside the intended working directory scope, effectively bypassing the security controls designed to contain artifact storage operations within specified boundaries.
This vulnerability directly corresponds to CWE-22 Path Traversal and aligns with ATT&CK technique T1059.007 Command and Scripting Interpreter: Python, as it enables unauthorized file creation in system directories through manipulated artifact metadata. The flaw represents a classic case of insufficient path validation where symbolic link resolution is not properly accounted for during security boundary checks, allowing attackers to escape containment policies that should restrict file operations to predefined directories.
The operational impact extends beyond simple file creation, potentially enabling attackers to write malicious payloads, overwrite critical system files, or establish persistence mechanisms by placing artifacts in unauthorized locations. This vulnerability undermines the fundamental security assumption that artifact storage operations remain confined to the specified working directory, creating potential for privilege escalation and system compromise when oras-go is used in container registry or artifact management contexts.
Mitigation strategies should focus on upgrading to version 2.6.1 or later where the symbolic link traversal issue has been resolved through proper path resolution before security boundary checks are performed. Organizations should also implement additional monitoring of artifact storage operations, particularly around symbolic link usage in artifact processing pipelines. Security teams should conduct thorough audits of existing deployments to identify any systems running vulnerable versions and ensure proper input validation is implemented at all levels of artifact handling operations.