Red Hat Mirror-Registry Server-Side Request Forgery Vulnerability via Open Redirect

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in Red Hat Mirror-Registry. This issue allows authenticated users to manipulate the application into accessing unintended internal or restricted systems by providing malicious web addresses. The application processes these addresses by automatically following redirects without verifying the final destination, enabling attackers to route requests to systems they should not have access to.
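The fix for this class of bug is to stop the HTTP client from following redirects on its own and to validate every hop before it is requested. The following is an added example, not code from Mirror-Registry or from this advisory; the function names, host names, addresses and the fake DNS/web tables are constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 5
REDIRECT_CODES = (301, 302, 303, 307, 308)

class BlockedDestination(Exception):
    """Raised when a URL, or any redirect hop, is not an allowed destination."""

def resolve(host):
    """Default resolver: every address the host name currently maps to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def check_destination(url, resolver=resolve):
    """Raise unless url is http(s) and all resolved addresses are public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedDestination(f"unsupported URL: {url}")
    for addr in resolver(parts.hostname):
        ip = ipaddress.ip_address(addr)
        if not ip.is_global:  # loopback, RFC 1918, link-local, CGNAT, ...
            raise BlockedDestination(f"{url} resolves to non-public {ip}")

def fetch(url, send, resolver=resolve):
    """Follow redirects manually, validating each hop before requesting it.

    send(url) -> (status, headers, body) must NOT follow redirects itself.
    """
    for _ in range(MAX_REDIRECTS + 1):
        check_destination(url, resolver)
        status, headers, body = send(url)
        if status not in REDIRECT_CODES:
            return status, body
        location = headers.get("Location")
        if not location:
            raise BlockedDestination("redirect without Location header")
        url = urljoin(url, location)  # relative redirects are re-checked too
    raise BlockedDestination("too many redirects")

# Constructed sample data: a public host whose redirect points at an internal address.
FAKE_DNS = {"mirror.example.com": ["93.184.216.34"], "cdn.example.com": ["93.184.216.35"]}
FAKE_WEB = {
    "https://mirror.example.com/ok": (302, {"Location": "https://cdn.example.com/blob"}, b""),
    "https://cdn.example.com/blob": (200, {}, b"layer"),
    "https://mirror.example.com/evil": (302, {"Location": "http://169.254.169.254/latest/"}, b""),
}
fake_resolver = lambda host: FAKE_DNS.get(host, [host])  # IP literals map to themselves
fake_send = lambda url: FAKE_WEB[url]
```

In production the connection should be made to the address that was checked, since a second DNS lookup at connect time can return a different answer than the one validated.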

Impact

Exploitation of this vulnerability could lead to server-side request forgery, where the application is tricked into making HTTP requests to arbitrary destinations. This could potentially be used to access internal services or systems that are normally restricted.

Added: Mar 12, 2026, 7:28 PM
Updated: Mar 12, 2026, 7:28 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.7
remediation: 0.0
relevance: 3.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.