What is GHSA-9wjq-f6rc-86wf?

GHSA-9wjq-f6rc-86wf is a security advisory published by GitHub Security Advisories with Medium severity. A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization...

Which CVE IDs does GHSA-9wjq-f6rc-86wf cover?

GHSA-9wjq-f6rc-86wf covers the following CVE IDs: CVE-2026-32591. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-9wjq-f6rc-86wf?

GHSA-9wjq-f6rc-86wf has a CVSS v3 base score of 5.2, published by GitHub Security Advisories.

GHSA-9wjq-f6rc-86wfMediumCVSS 5.2

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization...

Vendor

GitHub Security Advisories

Published

April 8, 2026

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2026-32591 →

📋 Description

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-32591
https://access.redhat.com/security/cve/CVE-2026-32591
https://bugzilla.redhat.com/show_bug.cgi?id=2446965
https://access.redhat.com/errata/RHSA-2026:19375
https://github.com/advisories/GHSA-9wjq-f6rc-86wf