High severity8.2NVD Advisory· Published May 9, 2025· Updated Apr 15, 2026

CVE-2025-3528

Description

A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the /etc/passwd. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within that pod.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHBA-2025:9645nvd
access.redhat.com/security/cve/CVE-2025-3528nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.533
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000