CVE-2026-50163 in oras-goinfo

Summary

by MITRE • 07/17/2026

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.2, ensureLinkPath in content/file/utils.go:262-275 validates a hardlink target relative to the extract base but returns the unresolved target, causing os.Link("victim.secret", "<extract_base>/payload.tar.gz/evil_cwd_link") to resolve header.Linkname against the process current working directory for a Typeflag=TypeLink entry such as Name=payload.tar.gz/evil_cwd_link and Linkname="victim.secret" with io.deis.oras.content.unpack: "true", which can expose or tamper with files such as .env, .git/config, .aws/credentials, and ~/.ssh/config. This issue is fixed in version 2.6.2.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/17/2026

The oras-go library presents a critical path traversal vulnerability in its content handling mechanisms that could enable arbitrary file access and modification. This flaw exists in the ensureLinkPath function within content/file/utils.go at lines 262-275, where the system validates hardlink targets relative to the extraction base directory but fails to properly resolve these paths before processing. The vulnerability specifically affects versions prior to 2.6.2 and exploits a fundamental weakness in how symbolic and hard links are handled during artifact unpacking operations.

The technical implementation of this flaw occurs when the system processes Typeflag=TypeLink entries where the Linkname field contains relative paths that should be resolved against the extraction base directory but instead get resolved against the process current working directory. This misalignment creates a scenario where an attacker can craft malicious tar archives containing links that point to sensitive files in the host environment, such as .env configuration files, .git/config repositories, .aws/credentials cloud credentials, and ~/.ssh/config SSH authentication files. The vulnerability is particularly dangerous because it leverages the io.deis.oras.content.unpack flag to trigger this behavior during normal artifact processing operations.

When an attacker constructs a payload.tar.gz archive containing a malicious link entry with Name="payload.tar.gz/evil_cwd_link" and Linkname="victim.secret", the system resolves this link against the current working directory rather than the intended extraction base, potentially exposing or modifying critical system files. This behavior represents a classic path traversal vulnerability that allows attackers to bypass intended security boundaries and access files outside of the designated extraction scope. The flaw essentially creates a privilege escalation vector where untrusted content can manipulate the filesystem in unintended ways.

This vulnerability aligns with CWE-22 Path Traversal and follows patterns seen in ATT&CK technique T1059 Command and Scripting Interpreter, where attackers leverage legitimate system utilities to access restricted files. The impact extends beyond simple information disclosure to include potential data exfiltration, credential theft, and system compromise through unauthorized file modification. Organizations using oras-go for managing OCI artifacts should immediately upgrade to version 2.6.2 or later, which implements proper path resolution that ensures hardlink targets are always validated relative to the extraction base directory rather than the current working directory.

The fix in version 2.6.2 addresses this by implementing correct path resolution logic that prevents the vulnerable behavior where unresolved link targets could reference files outside of the intended extraction scope. This update ensures that all hardlink operations properly validate against the designated extraction base, preventing attackers from crafting malicious artifacts that exploit the path traversal weakness. Security teams should conduct thorough vulnerability assessments to identify any systems still running affected versions and implement monitoring for suspicious artifact processing activities that might indicate exploitation attempts.

Responsible

GitHub M

Reservation

06/03/2026

Disclosure

07/17/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!