Tag
An attacker can craft a malicious OCI artifact with a tarball layer containing a hardlink entry that uses a relative path for its target, which, when extracted by `oras-go` (<= 2.6.1) or the `oras` CLI, allows the hardlink to resolve against the process's current working directory (CWD) instead of the intended extraction base, leading to arbitrary file read or modification in the victim's CWD via an inode-sharing vulnerability.