PT-2025-20554 · Unknown · Mirror Registry For Openshift
Antony Di Scala
+1
·
Published
2025-05-09
·
Updated
2025-12-27
·
CVE-2025-3528
CVSS v3.1
8.2
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenShift Mirror Registry (affected versions not specified)
Description
A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the
/etc/passwd file. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within that pod.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mirror Registry For Openshift