Quay
Sign in to watchby Red Hat
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-32589 | Hig | 0.48 | 7.4 | 0.00 | Apr 8, 2026 | A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload. | |
| CVE-2026-32590 | Hig | 0.46 | 7.1 | 0.00 | Apr 8, 2026 | A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server. | |
| CVE-2026-2377 | Med | 0.42 | 6.5 | 0.00 | Apr 8, 2026 | A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems. | |
| CVE-2026-32591 | Med | 0.34 | 5.2 | 0.00 | Apr 8, 2026 | A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application. | |
| CVE-2019-3864 | 0.00 | — | 0.00 | Jan 21, 2020 | A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account. | ||
| CVE-2019-10205 | 0.00 | — | 0.00 | Jan 2, 2020 | A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker able to perform database queries in the Red Hat Quay database could use the tokens to read or write container images stored in the registry. |