Medium6.4Red Hat Linux Updated
SSRF via internal update header injection in proxy-server
CVE-2026-50221 Published Jun 23, 2026Updated by vendor Jun 23, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
SSRF via internal update header injection in proxy-server. Red Hat rates this moderate (CVSS 6.4). Weakness: CWE-918.
Affected versions
- < 2.37.2
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- There is no mitigation for this flaw. The only resolution is to upgrade OpenStack Swift to a patched version: 2.35.3 (for the 2.0.0+ series), 2.36.2 (for the 2.36.x series), or 2.37.2 (for the 2.37.x series). The risk is partially limited because exploitation requires an authenticated user with write access to at least one Swift container.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.