VYPR

Mirror Registry

by Red Hat

CVEs (2)

  • CVE-2026-2377MedApr 8, 2026
    risk 0.42cvss 6.5epss 0.00

    A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side…

  • CVE-2026-2376MedMar 12, 2026
    risk 0.25cvss 4.9epss 0.00

    A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automatically follows redirects without…