Red Hat Mirror-Registry Host Header Injection Vulnerability

Vulnerability

A host header injection vulnerability has been identified in the Red Hat mirror-registry application. The issue arises because the application fails to properly sanitize the host header in incoming HTTP requests. This vulnerability could allow an attacker to manipulate redirects to domains under their control or to conduct phishing campaigns.

Impact

Exploitation of this vulnerability could lead to host header injection, allowing for malicious redirects or phishing attempts.

Added: Aug 20, 2025, 12:18 PM

Updated: Aug 20, 2025, 3:05 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Red Hat Mirror-Registry Host Header Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating