CVE-2026-10517 - Vulnerability Details

- Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance

Description

A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured (opt-in, not enforced by default), an unauthenticated attacker can submit a manifest with a URI pointing to internal services or cloud metadata endpoints. The SSRF is reflective for non-200 responses, leaking up to 256 bytes of error body content via CheckResponse error messages. Operator-managed Red Hat Quay deployments auto-configure PSK and are not exposed to the unauthenticated attack vector.

Published: 2026-06-01

Score: 5.8 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

A flaw in Clair’s fetcher allows outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without filtering the IP address or scheme. When a pre‑shared key (PSK) is not configured, an unauthenticated attacker can submit a manifest that targets internal services or cloud metadata endpoints. The response is reflective: non‑200 responses leak up to 256 bytes of the error body through CheckResponse error messages. The weakness is a classic Server Side Request Forgery (CWE‑918), giving an attacker the ability to probe internal network resources.

Affected Systems

The vulnerability exists in Red Hat Quay 3 when it is deployed without PSK authentication. Operator‑managed Quay deployments typically enable PSK by default, which eliminates the unauthenticated attack vector. Unmanaged or custom Quay installations that do not enable PSK remain susceptible.

Risk and Exploitability

The CVSS score of 5.8 indicates a medium severity. EPSS data are not available, and the vulnerability is not listed in CISA KEV. Exploitation requires access to the Quay API to submit a crafted manifest, so while the vector is unprivileged, the attacker must have network reach to the Quay service. The reflective leakage provides a limited but consistent window for internal reconnaissance.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor	Product	Default status	Versions
Red Hat	Red Hat Quay 3	affected	—
Red Hat	Red Hat Quay 3	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Ensure that pre‑shared key authentication is enabled on the Quay instance to protect the fetcher component from unauthenticated access.
Configure the Quay manifest processing settings to restrict or whitelist URIs so that only trusted networks or trusted registries are requested.
Apply the latest Clair update or patch that removes the unfiltered URI handling; if a patch is not available, temporarily disable the ability to submit external manifest layer URIs through configuration.

Generated by OpenCVE AI on June 1, 2026 at 10:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://access.redhat.com/security/cve/CVE-2026-10517

History

Mon, 01 Jun 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured (opt-in, not enforced by default), an unauthenticated attacker can submit a manifest with a URI pointing to internal services or cloud metadata endpoints. The SSRF is reflective for non-200 responses, leaking up to 256 bytes of error body content via CheckResponse error messages. Operator-managed Red Hat Quay deployments auto-configure PSK and are not exposed to the unauthenticated attack vector.
Title		Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance
First Time appeared		Redhat Redhat quay
Weaknesses		CWE-918
CPEs		cpe:/a:redhat:quay:3
Vendors & Products		Redhat Redhat quay
References		https://access.redhat.com/security/cve/CVE-2026-10517
Metrics		cvssV3_1 `{'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N'}`

Subscriptions

Redhat Quay

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2026-06-01T07:56:09.156Z

Updated: 2026-06-01T10:23:29.688Z

Reserved: 2026-06-01T07:25:15.700Z

Link: CVE-2026-10517

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-01T09:16:16.447

Modified: 2026-06-01T09:16:16.447

Link: CVE-2026-10517

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T10:30:26Z

Weaknesses

CWE-918

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object