Redhat

Mirror Registry

6 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.29%
  • Veröffentlicht 08.04.2026 16:41:55
  • Zuletzt bearbeitet 21.04.2026 18:06:15

A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.

  • EPSS 0.41%
  • Veröffentlicht 08.04.2026 16:26:07
  • Zuletzt bearbeitet 01.07.2026 13:16:58

A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this pro...

  • EPSS 0.16%
  • Veröffentlicht 12.03.2026 19:16:16
  • Zuletzt bearbeitet 02.06.2026 19:23:46

A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automatically fol...

  • EPSS 0.2%
  • Veröffentlicht 20.08.2025 11:38:59
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns.

  • EPSS 0.52%
  • Veröffentlicht 25.04.2024 18:15:09
  • Zuletzt bearbeitet 30.07.2025 14:41:38

A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to hav...

  • EPSS 0.44%
  • Veröffentlicht 25.04.2024 18:15:09
  • Zuletzt bearbeitet 21.01.2026 14:16:05

A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-re...