Red Hat Mirror Registry
By the Year
In 2026 there have been 6 vulnerabilities in Red Hat Mirror Registry, with an average score of 6.1 out of ten. Last year, in 2025, Mirror Registry had 2 security vulnerabilities published. That is, 4 more vulnerabilities have already been reported in 2026 than in all of last year. Last year, the average CVE base score was greater by 1.28.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 6 | 6.07 |
| 2025 | 2 | 7.35 |
| 2024 | 4 | 7.48 |
It may take a day or so for new Mirror Registry vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Mirror Registry Security Vulnerabilities
Red Hat Quay Proxy Cache Allows SSRF via Unverified Hostname
CVE-2026-32591
5.2 - Medium
- April 08, 2026
A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.
SSRF
Code Execution via Malformed Resumable Uploads in Red Hat Quay
CVE-2026-32590
7.1 - High
- April 08, 2026
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
Marshaling, Unmarshaling
Red Hat Quay Auth User Interferes with in-progress Image Upload
CVE-2026-32589
7.4 - High
- April 08, 2026
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload.
Insecure Direct Object Reference / IDOR
OpenShift Mirror Registry Unauth Auth Failure Exposes Username/Email
CVE-2025-14243
5.3 - Medium
- April 08, 2026
A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.
Generation of Error Message Containing Sensitive Information
Authenticated SSRF via Log Export in mirror-registry
CVE-2026-2377
6.5 - Medium
- April 08, 2026
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems.
SSRF
Mirror Registry Authenticated Redirect Spoof (CVE-2026-2376)
CVE-2026-2376
4.9 - Medium
- March 12, 2026
A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automatically follows redirects without verifying the final destination, allowing attackers to route requests to systems they should not have access to.
Open Redirect
Mirror Registry Host Header Sanitization Flaw Causing Redirect
CVE-2025-7777
6.5 - Medium
- August 20, 2025
The mirror-registry doesn't properly sanitize the Host HTTP header in received HTTP requests, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns.
Open Redirect
Mirror Registry Quay-APP /etc/passwd Write Access Enables Root Escalation
CVE-2025-3528
8.2 - High
- May 09, 2025
A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to `/etc/passwd`. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within that pod.
Incorrect Default Permissions
Quay: Default DB Secret Key Hardcoded in mirror-registry Templates
CVE-2024-3623
6.5 - Medium
- April 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same database secret key. This flaw allows a malicious actor to access sensitive information from Quay's database.
Unprotected Storage of Credentials
Quay mirror-registry default secret leak enables session cookie replay
CVE-2024-3622
8.8 - High
- April 25, 2024
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a malicious actor to craft session cookies and as a consequence, it may lead to gaining access to the affected Quay instance.
Unprotected Storage of Credentials
Quay Plaintext Config DB Vulnerability (mirror-registry)
CVE-2024-3624
7.3 - High
- April 25, 2024
A flaw was found in how Quay's database is stored in plain-text in mirror-registry in Jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database.
Unprotected Storage of Credentials
Quay Container Registry: Plain-Text DB in Jinja Config Allows Redis Access
CVE-2024-3625
7.3 - High
- April 25, 2024
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a malicious actor with access to this file to gain access to Quay's Redis instance.
Unprotected Storage of Credentials