RHSA-2026:28571HighCVSS 8.1

Red Hat Security Advisory: Red Hat Quay 3.9.23

Published
June 23, 2026
Last Modified
July 6, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2026-6322 — fast-uri: fast-uri: URI authority bypass due to improper delimiter handling CVE-2026-9277 — shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators CVE-2026-10143 — kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count CVE-2026-44432 — urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-44496 — axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name CVE-2026-48526 — python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

🔗 References (9)