Description
oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating the scheme or host, allowing a malicious or compromised registry to cause SSRF to internal networks such as http://169.254.169.254/, http://10.0.0.x/, and http://127.0.0.1/, or to downgrade a registry contacted over https:// to an http:// token endpoint in registry/remote/auth/client.go through Client.Do(), Client.fetchBearerToken(), fetchDistributionToken, and fetchOAuth2Token. This issue is fixed in version 2.6.1.
Published: 2026-07-17
Score: 2.1 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw in oras-go’s auth.Client permits an attacker to manipulate the realm URL in a registry’s WWW‑Authenticate: Bearer challenge. By providing a malicious or spoofed realm, an external registry or a man‑in‑the‑middle can cause the client to make internal network requests, resulting in server‑side request forgery (SSRF). The same vulnerability can downgrade the TLS connection, allowing credentials to be transmitted in plain text.

Affected Systems

The issue impacts the oras-go client distributed by the ORAS project. No specific affected versions are listed in the advisory, so any installation that has not yet been updated to a patched release is potentially vulnerable.

Risk and Exploitability

The CVSS score of 3.1 indicates low overall severity, and the vulnerability is not present in the CISA KEV catalog. With EPSS not available, the public knowledge of exploitation is limited, yet the attack path—requiring a malicious registry or MITM—makes this a realistic threat for organizations that pull from external registries or operate exposed services.

Generated by OpenCVE AI on July 17, 2026 at 03:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade oras-go to the latest released version that validates registry realm URLs and enforces TLS verification.
  • Configure the client to reject any registry that presents an insecure or unmatched realm, and enforce strict HTTPS usage for all registry interactions.
  • Segment critical internal networks and restrict outbound or inbound traffic from registry clients using firewalls or access control lists to mitigate potential SSRF and credential leakage risks.

Generated by OpenCVE AI on July 17, 2026 at 03:32 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-xf85-363p-868w oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens
History

Fri, 17 Jul 2026 20:00:00 +0000

Type Values Removed Values Added
Description A flaw was found in oras-go. The auth.Client in oras-go does not properly validate the scheme or host of the realm URL provided in a registry's WWW-Authenticate: Bearer challenge. A remote attacker, operating a malicious registry or performing a man-in-the-middle attack, could exploit this to perform Server-Side Request Forgery (SSRF) against internal networks, potentially disclosing sensitive information. Additionally, the flaw could lead to a Transport Layer Security (TLS) downgrade, causing user credentials to be sent over plaintext. oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating the scheme or host, allowing a malicious or compromised registry to cause SSRF to internal networks such as http://169.254.169.254/, http://10.0.0.x/, and http://127.0.0.1/, or to downgrade a registry contacted over https:// to an http:// token endpoint in registry/remote/auth/client.go through Client.Do(), Client.fetchBearerToken(), fetchDistributionToken, and fetchOAuth2Token. This issue is fixed in version 2.6.1.
Title oras-go: oras-go: Information disclosure and TLS downgrade via malicious registry realm oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens
Weaknesses CWE-319
References
Metrics cvssV4_0

{'score': 2.1, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


Wed, 15 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in oras-go. The auth.Client in oras-go does not properly validate the scheme or host of the realm URL provided in a registry's WWW-Authenticate: Bearer challenge. A remote attacker, operating a malicious registry or performing a man-in-the-middle attack, could exploit this to perform Server-Side Request Forgery (SSRF) against internal networks, potentially disclosing sensitive information. Additionally, the flaw could lead to a Transport Layer Security (TLS) downgrade, causing user credentials to be sent over plaintext.
Title oras-go: oras-go: Information disclosure and TLS downgrade via malicious registry realm
Weaknesses CWE-918
References
Metrics threat_severity

None

cvssV3_1

{'score': 3.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N'}

threat_severity

Low


Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-07-17T19:34:53.690Z

Reserved: 2026-05-26T23:26:07.974Z

Link: CVE-2026-48978

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-07-01T21:35:45Z

Links: CVE-2026-48978 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-17T03:45:04Z

Weaknesses
  • CWE-319

    Cleartext Transmission of Sensitive Information

  • CWE-918

    Server-Side Request Forgery (SSRF)