CVE-2025-14243

MEDIUM CVSS 5.3 View on NVD ↗

Description

A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

https://access.redhat.com/security/cve/CVE-2025-14243
https://bugzilla.redhat.com/show_bug.cgi?id=2419829

Published: Apr 08, 2026 17:20 UTC Modified: Apr 08, 2026 21:26 UTC