Skip to main content

Mirror Registry For Red Hat Openshift CVE-2026-2377

| EUVDEUVD-2026-20507 MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-04-08 redhat GHSA-2c4x-699h-vw5x
6.5
CVSS 3.1 · Vendor: redhat
Share

Severity by source

Vendor (redhat) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Red Hat
6.5 HIGH
qualitative

Primary rating from Vendor (redhat).

CVSS VectorVendor: redhat

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Apr 08, 2026 - 17:16 euvd
EUVD-2026-20507
Analysis Generated
Apr 08, 2026 - 17:16 vuln.today
CVE Published
Apr 08, 2026 - 16:26 nvd
MEDIUM 6.5

DescriptionCVE.org

A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems.

AnalysisAI

Server-side request forgery (SSRF) in Red Hat Mirror Registry and Red Hat Quay 3.x allows authenticated users to conduct arbitrary requests to internal network resources via a specially crafted URL in the log export feature, potentially exposing sensitive information and compromising internal systems. CVSS 6.5 (medium severity) with confirmed authentication requirement and high confidentiality impact. No active exploitation or public exploit code identified at time of analysis.

Technical ContextAI

The vulnerability exploits improper input validation in the log export functionality of Red Hat Mirror Registry and Red Hat Quay. When an authenticated user provides a maliciously crafted URL parameter to the log export feature, the application's backend processes the request without sufficient server-side validation, allowing the backend to make HTTP requests to attacker-specified destinations. This is a classic Server-Side Request Forgery (SSRF) vulnerability classified under CWE-918 (Server-Side Request Forgery), where the application acts as an unwitting proxy for the attacker. The affected products are Red Hat Mirror Registry for Red Hat OpenShift (all versions), Mirror Registry for Red Hat OpenShift 2.x, and Red Hat Quay 3.x, as identified by multiple CPE strings in the inventory.

RemediationAI

Consult the Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2026-2377 for the specific patched versions available for Mirror Registry and Quay 3.x; apply the recommended patch or upgrade immediately. As an interim control pending patch deployment, restrict access to the log export feature to only trusted administrative users and implement network-level controls (firewall rules, egress filtering) to prevent the affected application backends from reaching sensitive internal services or metadata endpoints. Additionally, audit audit logs for suspicious log export requests with unusual URL parameters targeting internal IP ranges or localhost.

Vendor StatusVendor

Share

CVE-2026-2377 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy