Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for mirror_registry_for_red_hat_openshift by redhat

    CVE-2026-32591 (GCVE-0-2026-32591)

    Vulnerability from nvd – Published: 2026-04-08 17:06 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
    Summary
    A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Quay 3.17 Unaffected: 1780604033 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17     cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Date Public
    2026-04-08 00:00
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-10T20:34:13.210994Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-27T14:52:42.383Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Red Hat Quay\u0027s Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.2,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:43.501Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-32591"
              },
              {
                "name": "RHBZ#2446965",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446965"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32591.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24833"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24833: Red Hat Quay 3.17"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-12T15:09:38.210Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780604033",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:quay:3"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay\u0027s Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T13:59:48.855Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:24833",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24833"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-32591"
            },
            {
              "name": "RHBZ#2446965",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446965"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-12T15:09:38.210Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-918: Server-Side Request Forgery (SSRF)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-32591",
        "datePublished": "2026-04-08T17:06:58.222Z",
        "dateReserved": "2026-03-12T14:39:53.657Z",
        "dateUpdated": "2026-06-30T12:07:43.501Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32590 (GCVE-0-2026-32590)

    Vulnerability from nvd – Published: 2026-04-08 17:04 – Updated: 2026-07-01 00:22
    VLAI
    Title
    Mirror-registry: remote code execution using pickle deserialization
    Summary
    A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22465 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24833 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28441 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-32590 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2446964 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat mirror registry for Red Hat OpenShift 2.0 Unaffected: 1782177012 , < * (rpm)
        cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10 Unaffected: 1779822261 , < * (rpm)
        cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12 Unaffected: 1779811412 , < * (rpm)
        cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14 Unaffected: 1779689392 , < * (rpm)
        cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15 Unaffected: 1780891395 , < * (rpm)
        cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16 Unaffected: 1779204086 , < * (rpm)
        cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17 Unaffected: 1779922205 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17 Unaffected: 1780604033 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9 Unaffected: 1779811473 , < * (rpm)
        cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Date Public
    2026-04-08 00:00
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32590",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T19:14:47.764287Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T19:14:55.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1782177012",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.10::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779822261",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.12",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811412",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779689392",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780891395",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779204086",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779922205",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780604033",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.9::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811473",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "Deserialization of Untrusted Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T00:22:07.156Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:19375",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:19375"
            },
            {
              "name": "RHSA-2026:21017",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:21017"
            },
            {
              "name": "RHSA-2026:22465",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22465"
            },
            {
              "name": "RHSA-2026:22629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22629"
            },
            {
              "name": "RHSA-2026:22840",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22840"
            },
            {
              "name": "RHSA-2026:23361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:23361"
            },
            {
              "name": "RHSA-2026:24833",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24833"
            },
            {
              "name": "RHSA-2026:24853",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24853"
            },
            {
              "name": "RHSA-2026:28441",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:28441"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
            },
            {
              "name": "RHBZ#2446964",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-12T14:43:11.443Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: remote code execution using pickle deserialization",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-502: Deserialization of Untrusted Data"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-32590",
        "datePublished": "2026-04-08T17:04:22.870Z",
        "dateReserved": "2026-03-12T14:39:53.657Z",
        "dateUpdated": "2026-07-01T00:22:07.156Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32589 (GCVE-0-2026-32589)

    Vulnerability from nvd – Published: 2026-04-08 17:04 – Updated: 2026-07-01 12:04
    VLAI
    Title
    Mirror-registry: quay: insecure direct object reference in blobupload
    Summary
    A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22465 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28441 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-32589 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2446963 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    Impacted products
    Vendor Product Version
    Red Hat mirror registry for Red Hat OpenShift 2.0 Unaffected: 1782177012 , < * (rpm)
        cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10 Unaffected: 1779822261 , < * (rpm)
        cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12 Unaffected: 1779811412 , < * (rpm)
        cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14 Unaffected: 1779689392 , < * (rpm)
        cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15 Unaffected: 1780891395 , < * (rpm)
        cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16 Unaffected: 1779204086 , < * (rpm)
        cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17 Unaffected: 1779922205 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9 Unaffected: 1779811473 , < * (rpm)
        cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10     cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12     cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14     cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15     cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16     cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17     cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9     cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2.0     cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Date Public
    2026-04-08 00:00
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32589",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T18:01:21.450628Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T18:01:32.402Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.10::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.12::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.14::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.15::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.9::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2.0::el8"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-639",
                    "description": "Authorization Bypass Through User-Controlled Key",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T12:04:50.676Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
              },
              {
                "name": "RHBZ#2446963",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32589.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22840"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22629"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21017"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24853"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19375"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22465"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23361"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28441"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:22840: Red Hat Quay 3.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22629: Red Hat Quay 3.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21017: Red Hat Quay 3.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24853: Red Hat Quay 3.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19375: Red Hat Quay 3.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22465: Red Hat Quay 3.17"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23361: Red Hat Quay 3.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-12T14:43:07.878Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "mirror-registry: quay: insecure direct object reference in BlobUpload",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1782177012",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.10::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779822261",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.12",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811412",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779689392",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780891395",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779204086",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779922205",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.9::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811473",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T00:09:19.041Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:19375",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:19375"
            },
            {
              "name": "RHSA-2026:21017",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:21017"
            },
            {
              "name": "RHSA-2026:22465",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22465"
            },
            {
              "name": "RHSA-2026:22629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22629"
            },
            {
              "name": "RHSA-2026:22840",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22840"
            },
            {
              "name": "RHSA-2026:23361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:23361"
            },
            {
              "name": "RHSA-2026:24853",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24853"
            },
            {
              "name": "RHSA-2026:28441",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:28441"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
            },
            {
              "name": "RHBZ#2446963",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-12T14:43:07.878Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: quay: insecure direct object reference in blobupload",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-32589",
        "datePublished": "2026-04-08T17:04:20.284Z",
        "dateReserved": "2026-03-12T14:39:53.657Z",
        "dateUpdated": "2026-07-01T12:04:50.676Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2377 (GCVE-0-2026-2377)

    Vulnerability from nvd – Published: 2026-04-08 16:26 – Updated: 2026-07-01 12:04
    VLAI
    Title
    Mirror-registry: quay: quay: server-side request forgery via log export functionality
    Summary
    A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application's internal network, potentially leading to the disclosure of sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-2377 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2439201 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Quay 3.10 Unaffected: 1779822261 , < * (rpm)
        cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12 Unaffected: 1779811412 , < * (rpm)
        cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14 Unaffected: 1779689392 , < * (rpm)
        cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15 Unaffected: 1780891395 , < * (rpm)
        cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16 Unaffected: 1779204086 , < * (rpm)
        cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9 Unaffected: 1779811473 , < * (rpm)
        cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10     cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12     cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14     cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15     cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16     cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9     cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Date Public
    2026-04-08 16:18
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T18:42:52.638708Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T18:43:00.505Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.10::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.12::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.14::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.15::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.9::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T16:18:10.324Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T12:04:54.901Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
              },
              {
                "name": "RHBZ#2439201",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2377.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22840"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22629"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21017"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24853"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19375"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23361"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:22840: Red Hat Quay 3.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22629: Red Hat Quay 3.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21017: Red Hat Quay 3.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24853: Red Hat Quay 3.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19375: Red Hat Quay 3.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23361: Red Hat Quay 3.9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-02-11T21:02:44.495Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T16:18:10.324Z",
                "value": "Made public."
              }
            ],
            "title": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.10::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779822261",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.12",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811412",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779689392",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780891395",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779204086",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.9::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811473",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T16:18:10.324Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T00:07:53.292Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:19375",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:19375"
            },
            {
              "name": "RHSA-2026:21017",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:21017"
            },
            {
              "name": "RHSA-2026:22629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22629"
            },
            {
              "name": "RHSA-2026:22840",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22840"
            },
            {
              "name": "RHSA-2026:23361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:23361"
            },
            {
              "name": "RHSA-2026:24853",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24853"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
            },
            {
              "name": "RHBZ#2439201",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-11T21:02:44.495Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T16:18:10.324Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: quay: quay: server-side request forgery via log export functionality",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-918: Server-Side Request Forgery (SSRF)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-2377",
        "datePublished": "2026-04-08T16:26:07.649Z",
        "dateReserved": "2026-02-11T20:57:59.704Z",
        "dateUpdated": "2026-07-01T12:04:54.901Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14243 (GCVE-0-2025-14243)

    Vulnerability from nvd – Published: 2026-04-08 16:41 – Updated: 2026-04-08 21:46
    VLAI
    Title
    Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
    Summary
    A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    References
    URL Tags
    https://access.redhat.com/security/cve/CVE-2025-14243 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2419829 issue-trackingx_refsource_REDHAT
    Impacted products
    Date Public
    2026-04-08 16:31
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14243",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T19:14:34.911976Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T19:22:41.466Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T16:31:00.659Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T21:46:14.175Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-14243"
            },
            {
              "name": "RHBZ#2419829",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419829"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-08T04:22:23.735Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T16:31:00.659Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: openshift mirror registry: user enumeration via authentication error messages",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-209: Generation of Error Message Containing Sensitive Information"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-14243",
        "datePublished": "2026-04-08T16:41:55.597Z",
        "dateReserved": "2025-12-08T04:22:54.845Z",
        "dateUpdated": "2026-04-08T21:46:14.175Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32591 (GCVE-0-2026-32591)

    Vulnerability from cvelistv5 – Published: 2026-04-08 17:06 – Updated: 2026-06-30 12:07
    VLAI
    Title
    Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
    Summary
    A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Quay 3.17 Unaffected: 1780604033 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17     cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Date Public
    2026-04-08 00:00
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-10T20:34:13.210994Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-27T14:52:42.383Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Red Hat Quay\u0027s Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.2,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:43.501Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-32591"
              },
              {
                "name": "RHBZ#2446965",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446965"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32591.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24833"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24833: Red Hat Quay 3.17"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-12T15:09:38.210Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780604033",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:quay:3"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay\u0027s Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T13:59:48.855Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:24833",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24833"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-32591"
            },
            {
              "name": "RHBZ#2446965",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446965"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-12T15:09:38.210Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-918: Server-Side Request Forgery (SSRF)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-32591",
        "datePublished": "2026-04-08T17:06:58.222Z",
        "dateReserved": "2026-03-12T14:39:53.657Z",
        "dateUpdated": "2026-06-30T12:07:43.501Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32590 (GCVE-0-2026-32590)

    Vulnerability from cvelistv5 – Published: 2026-04-08 17:04 – Updated: 2026-07-01 00:22
    VLAI
    Title
    Mirror-registry: remote code execution using pickle deserialization
    Summary
    A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22465 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24833 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28441 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-32590 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2446964 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat mirror registry for Red Hat OpenShift 2.0 Unaffected: 1782177012 , < * (rpm)
        cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10 Unaffected: 1779822261 , < * (rpm)
        cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12 Unaffected: 1779811412 , < * (rpm)
        cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14 Unaffected: 1779689392 , < * (rpm)
        cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15 Unaffected: 1780891395 , < * (rpm)
        cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16 Unaffected: 1779204086 , < * (rpm)
        cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17 Unaffected: 1779922205 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17 Unaffected: 1780604033 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9 Unaffected: 1779811473 , < * (rpm)
        cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Date Public
    2026-04-08 00:00
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32590",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T19:14:47.764287Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T19:14:55.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1782177012",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.10::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779822261",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.12",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811412",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779689392",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780891395",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779204086",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779922205",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780604033",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.9::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811473",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "Deserialization of Untrusted Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T00:22:07.156Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:19375",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:19375"
            },
            {
              "name": "RHSA-2026:21017",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:21017"
            },
            {
              "name": "RHSA-2026:22465",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22465"
            },
            {
              "name": "RHSA-2026:22629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22629"
            },
            {
              "name": "RHSA-2026:22840",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22840"
            },
            {
              "name": "RHSA-2026:23361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:23361"
            },
            {
              "name": "RHSA-2026:24833",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24833"
            },
            {
              "name": "RHSA-2026:24853",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24853"
            },
            {
              "name": "RHSA-2026:28441",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:28441"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-32590"
            },
            {
              "name": "RHBZ#2446964",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-12T14:43:11.443Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: remote code execution using pickle deserialization",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-502: Deserialization of Untrusted Data"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-32590",
        "datePublished": "2026-04-08T17:04:22.870Z",
        "dateReserved": "2026-03-12T14:39:53.657Z",
        "dateUpdated": "2026-07-01T00:22:07.156Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-32589 (GCVE-0-2026-32589)

    Vulnerability from cvelistv5 – Published: 2026-04-08 17:04 – Updated: 2026-07-01 12:04
    VLAI
    Title
    Mirror-registry: quay: insecure direct object reference in blobupload
    Summary
    A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22465 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:28441 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-32589 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2446963 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    Impacted products
    Vendor Product Version
    Red Hat mirror registry for Red Hat OpenShift 2.0 Unaffected: 1782177012 , < * (rpm)
        cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10 Unaffected: 1779822261 , < * (rpm)
        cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12 Unaffected: 1779811412 , < * (rpm)
        cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14 Unaffected: 1779689392 , < * (rpm)
        cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15 Unaffected: 1780891395 , < * (rpm)
        cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16 Unaffected: 1779204086 , < * (rpm)
        cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17 Unaffected: 1779922205 , < * (rpm)
        cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9 Unaffected: 1779811473 , < * (rpm)
        cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10     cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12     cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14     cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15     cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16     cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.17     cpe:/a:redhat:quay:3.17::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9     cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2.0     cpe:/a:redhat:mirror_registry:2.0::el8
    Create a notification for this product.
    Date Public
    2026-04-08 00:00
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-32589",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T18:01:21.450628Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T18:01:32.402Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.10::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.12::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.14::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.15::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.9::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2.0::el8"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2.0",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "LOW",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-639",
                    "description": "Authorization Bypass Through User-Controlled Key",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T12:04:50.676Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
              },
              {
                "name": "RHBZ#2446963",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32589.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22840"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22629"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21017"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24853"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19375"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22465"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23361"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:28441"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:22840: Red Hat Quay 3.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22629: Red Hat Quay 3.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21017: Red Hat Quay 3.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24853: Red Hat Quay 3.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19375: Red Hat Quay 3.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22465: Red Hat Quay 3.17"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23361: Red Hat Quay 3.9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-12T14:43:07.878Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "mirror-registry: quay: insecure direct object reference in BlobUpload",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2.0::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2.0",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1782177012",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.10::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779822261",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.12",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811412",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779689392",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780891395",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779204086",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.17::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.17",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779922205",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.9::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811473",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T00:09:19.041Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:19375",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:19375"
            },
            {
              "name": "RHSA-2026:21017",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:21017"
            },
            {
              "name": "RHSA-2026:22465",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22465"
            },
            {
              "name": "RHSA-2026:22629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22629"
            },
            {
              "name": "RHSA-2026:22840",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22840"
            },
            {
              "name": "RHSA-2026:23361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:23361"
            },
            {
              "name": "RHSA-2026:24853",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24853"
            },
            {
              "name": "RHSA-2026:28441",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:28441"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-32589"
            },
            {
              "name": "RHBZ#2446963",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-12T14:43:07.878Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: quay: insecure direct object reference in blobupload",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-639: Authorization Bypass Through User-Controlled Key"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-32589",
        "datePublished": "2026-04-08T17:04:20.284Z",
        "dateReserved": "2026-03-12T14:39:53.657Z",
        "dateUpdated": "2026-07-01T12:04:50.676Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14243 (GCVE-0-2025-14243)

    Vulnerability from cvelistv5 – Published: 2026-04-08 16:41 – Updated: 2026-04-08 21:46
    VLAI
    Title
    Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
    Summary
    A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    References
    URL Tags
    https://access.redhat.com/security/cve/CVE-2025-14243 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2419829 issue-trackingx_refsource_REDHAT
    Impacted products
    Date Public
    2026-04-08 16:31
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14243",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T19:14:34.911976Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T19:22:41.466Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T16:31:00.659Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T21:46:14.175Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-14243"
            },
            {
              "name": "RHBZ#2419829",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419829"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-08T04:22:23.735Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T16:31:00.659Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: openshift mirror registry: user enumeration via authentication error messages",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-209: Generation of Error Message Containing Sensitive Information"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-14243",
        "datePublished": "2026-04-08T16:41:55.597Z",
        "dateReserved": "2025-12-08T04:22:54.845Z",
        "dateUpdated": "2026-04-08T21:46:14.175Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2377 (GCVE-0-2026-2377)

    Vulnerability from cvelistv5 – Published: 2026-04-08 16:26 – Updated: 2026-07-01 12:04
    VLAI
    Title
    Mirror-registry: quay: quay: server-side request forgery via log export functionality
    Summary
    A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application's internal network, potentially leading to the disclosure of sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2026:19375 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:21017 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:22840 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:23361 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24853 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2026-2377 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2439201 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Quay 3.10 Unaffected: 1779822261 , < * (rpm)
        cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12 Unaffected: 1779811412 , < * (rpm)
        cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14 Unaffected: 1779689392 , < * (rpm)
        cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15 Unaffected: 1780891395 , < * (rpm)
        cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16 Unaffected: 1779204086 , < * (rpm)
        cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9 Unaffected: 1779811473 , < * (rpm)
        cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift     cpe:/a:redhat:mirror_registry:1
    Create a notification for this product.
    Red Hat mirror registry for Red Hat OpenShift 2     cpe:/a:redhat:mirror_registry:2
    Create a notification for this product.
    Red Hat Red Hat Quay 3.10     cpe:/a:redhat:quay:3.10::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.12     cpe:/a:redhat:quay:3.12::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.14     cpe:/a:redhat:quay:3.14::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.15     cpe:/a:redhat:quay:3.15::el8
    Create a notification for this product.
    Red Hat Red Hat Quay 3.16     cpe:/a:redhat:quay:3.16::el9
    Create a notification for this product.
    Red Hat Red Hat Quay 3.9     cpe:/a:redhat:quay:3.9::el8
    Create a notification for this product.
    Date Public
    2026-04-08 16:18
    Credits
    Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T18:42:52.638708Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T18:43:00.505Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.10::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.12::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.14::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.15::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quay:3.9::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Quay 3.9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:1"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:mirror_registry:2"
                ],
                "defaultStatus": "affected",
                "product": "mirror registry for Red Hat OpenShift 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-08T16:18:10.324Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T12:04:54.901Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
              },
              {
                "name": "RHBZ#2439201",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2377.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22840"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:22629"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21017"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24853"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19375"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23361"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:22840: Red Hat Quay 3.10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:22629: Red Hat Quay 3.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21017: Red Hat Quay 3.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24853: Red Hat Quay 3.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19375: Red Hat Quay 3.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23361: Red Hat Quay 3.9"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-02-11T21:02:44.495Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-08T16:18:10.324Z",
                "value": "Made public."
              }
            ],
            "title": "mirror-registry: quay: quay: Server-Side Request Forgery via log export functionality",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.10::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.10",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779822261",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.12::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.12",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811412",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.14::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.14",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779689392",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.15::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.15",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1780891395",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.16::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel9",
              "product": "Red Hat Quay 3.16",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779204086",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:quay:3.9::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "quay/quay-rhel8",
              "product": "Red Hat Quay 3.9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "1779811473",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:1"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:mirror_registry:2"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift/mirror-registry-rhel8",
              "product": "mirror registry for Red Hat OpenShift 2",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
            }
          ],
          "datePublic": "2026-04-08T16:18:10.324Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application\u0027s internal network, potentially leading to the disclosure of sensitive information."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T00:07:53.292Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2026:19375",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:19375"
            },
            {
              "name": "RHSA-2026:21017",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:21017"
            },
            {
              "name": "RHSA-2026:22629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22629"
            },
            {
              "name": "RHSA-2026:22840",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:22840"
            },
            {
              "name": "RHSA-2026:23361",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:23361"
            },
            {
              "name": "RHSA-2026:24853",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:24853"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-2377"
            },
            {
              "name": "RHBZ#2439201",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439201"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-11T21:02:44.495Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-04-08T16:18:10.324Z",
              "value": "Made public."
            }
          ],
          "title": "Mirror-registry: quay: quay: server-side request forgery via log export functionality",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-918: Server-Side Request Forgery (SSRF)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-2377",
        "datePublished": "2026-04-08T16:26:07.649Z",
        "dateReserved": "2026-02-11T20:57:59.704Z",
        "dateUpdated": "2026-07-01T12:04:54.901Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }