CVE-2026-32591
5.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
Summary
A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Quay 3.17 | 1780604033 < * | unaffected |
Weaknesses
- CWE-918: Server-Side Request Forgery (SSRF)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
Additional References
- https://access.redhat.com/security/cve/CVE-2026-32591
- https://bugzilla.redhat.com/show_bug.cgi?id=2446965
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32591.json
- https://access.redhat.com/errata/RHSA-2026:24833
References
- https://access.redhat.com/errata/RHSA-2026:24833
- https://access.redhat.com/security/cve/CVE-2026-32591
- https://bugzilla.redhat.com/show_bug.cgi?id=2446965
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.