CVEs-PoC/2025/CVE-2025-3528.md

CVE-2025-3528

Description

A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the /etc/passwd. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within that pod.

POC

Reference

No PoCs from references.

Github

• https://github.com/fkie-cad/nvd-json-data-feeds