EUVD-2026-33599
GHSA-698x-9w2p-7vvp
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured (opt-in, not enforced by default), an unauthenticated attacker can submit a manifest with a URI pointing to internal services or cloud metadata endpoints. The SSRF is reflective for non-200 responses, leaking up to 256 bytes of error body content via CheckResponse error messages. Operator-managed Red Hat Quay deployments auto-configure PSK and are not exposed to the unauthenticated attack vector.
AnalysisAI
Server-Side Request Forgery in Clair's fetcher component exposes internal network services and cloud metadata endpoints to unauthenticated remote attackers who can submit container image manifests with crafted layer descriptor URIs. Affected deployments are those where PSK (Pre-Shared Key) authentication is not configured - an opt-in control that is not enforced by default - meaning standalone or custom Clair installations without PSK are directly exploitable over the network with no credentials. …
Sign in for full analysis, threat intelligence, and remediation guidance.
More from same product – last 7 days
Remote code execution in Hugging Face Transformers 5.2.0 allows a malicious model repository to bypass the user's explic
HAProxy configuration injection in Red Hat OpenShift Container Platform 4 allows a low-privileged tenant with permission
Path traversal in Jupyter Server 2.17.0 allows authenticated users to read and write files in sibling directories outsid
Stack-based buffer overflow in rrdcached (the caching daemon for rrdtool) allows a local attacker with socket access to
Local code execution in Poppler's Splash rendering backend allows attackers to compromise applications that open attacke
Vendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today