CVE-2026-2377
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk33th percentile - higher than 33% of all known CVEs
Summary
A Server-Side Request Forgery (SSRF) vulnerability was found in Red Hat Quay and mirror registry for Red Hat OpenShift in the log export feature. An authenticated user can specify an arbitrary callback URL, and a backend process makes server-side HTTP requests to this URL. An attacker could exploit this to send requests from the internal network, potentially leading to disclosure of sensitive information.
Risk Assessment
The risk involves the possibility of an SSRF attack, allowing an attacker to access internal network resources and potentially disclose sensitive organizational data such as keys, passwords, or configurations.
Recommendation
It is recommended to immediately update Red Hat Quay and mirror registry to the latest patched version. Additionally, restrict the ability to specify arbitrary callback URLs in the log export feature by implementing a whitelist of allowed domains.
Original NVD description (English source)
A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application's internal network, potentially leading to the disclosure of sensitive information.

