Description

A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the `/etc/passwd`. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within that pod.

INFO

Published Date :

2025-05-09T11:58:24.957Z

Last Modified :

2026-02-27T16:29:37.084Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2025-3528 vulnerability.

Vendors Products
Redhat
  • Mirror Registry

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact