Red Hat Security Advisory: Red Hat Quay 3.17.3
Red Hat Quay 3. 17. 3 addresses security vulnerabilities identified as CVE-2026-32590 and CVE-2026-32591. The update includes bug fixes and improvements such as logging source IP addresses behind OpenShift haproxy ingress controllers and allowing a single email address for multiple organizations. The advisory classifies the severity as high. No known exploits are reported in the wild. The vendor has released this version as a security update.
AI Analysis
Technical Summary
Red Hat Quay 3.17.3 is a security update that fixes two vulnerabilities tracked as CVE-2026-32590 and CVE-2026-32591. The update resolves issues including missing source IP logging for certain operations when running behind OpenShift haproxy ingress controller and improves email address handling across organizations. The advisory RHSA-2026:24833 recommends applying this update after ensuring all previous errata are applied. No CVSS score is provided, and no exploits are currently known in the wild.
Potential Impact
The vulnerabilities addressed have been rated with high severity by Red Hat Product Security. The issues may affect logging accuracy and organizational email address management within Red Hat Quay, potentially impacting audit and operational integrity. No evidence of active exploitation is reported.
Mitigation Recommendations
Red Hat has released version 3.17.3 of Red Hat Quay to fix these vulnerabilities. Users should apply this update after confirming all prior relevant errata have been installed. No additional mitigation steps are indicated by the vendor advisory.
Red Hat Security Advisory: Red Hat Quay 3.17.3
Description
Red Hat Quay 3. 17. 3 addresses security vulnerabilities identified as CVE-2026-32590 and CVE-2026-32591. The update includes bug fixes and improvements such as logging source IP addresses behind OpenShift haproxy ingress controllers and allowing a single email address for multiple organizations. The advisory classifies the severity as high. No known exploits are reported in the wild. The vendor has released this version as a security update.
Affected software
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Red Hat Quay 3.17.3 is a security update that fixes two vulnerabilities tracked as CVE-2026-32590 and CVE-2026-32591. The update resolves issues including missing source IP logging for certain operations when running behind OpenShift haproxy ingress controller and improves email address handling across organizations. The advisory RHSA-2026:24833 recommends applying this update after ensuring all previous errata are applied. No CVSS score is provided, and no exploits are currently known in the wild.
Potential Impact
The vulnerabilities addressed have been rated with high severity by Red Hat Product Security. The issues may affect logging accuracy and organizational email address management within Red Hat Quay, potentially impacting audit and operational integrity. No evidence of active exploitation is reported.
Mitigation Recommendations
Red Hat has released version 3.17.3 of Red Hat Quay to fix these vulnerabilities. Users should apply this update after confirming all prior relevant errata have been installed. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:24833
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-32591"]
- Cvss Version
- null
Threat ID: 6a29510a8dd33fbd853e6354
Added to database: 6/10/2026, 11:56:58 AM
Last enriched: 6/10/2026, 12:11:58 PM
Last updated: 6/10/2026, 12:49:35 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.