2025-08-20 11:38:59
redhat
PUBLISHED
The mirror-registry doesnt properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns.