CVE-2026-32590

HIGH WAF: Medium

CVSS 7.1 Published: 2026-04-08

CWE-502

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.

WAF Coverage Analysis

Insecure Deserialization Medium WAF Coverage

OWASP: A08:2021 Software and Data Integrity Failures

944xxx - Java Attack

References

access.redhat.com
bugzilla.redhat.com

Back to CVE Database