VYPR
Vendor: Quay
Products: 4
CVEs: 13 (13 across products)
Status: Private

Recent CVEs (13)
  • CVE-2024-3622 · High · Apr 25, 2024
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    A flaw was found when mirror-registry is used to install Quay. It uses a default secret that is stored in plain text in one of the configuration template files, so every Quay instance deployed with mirror-registry may end up with the same secret key. This…

  • CVE-2019-3864 · High · Jan 21, 2020
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    A vulnerability was discovered in all quay-2 versions before quay-3.0.0 in the Quay web GUI: POST requests include a specific parameter that is used as a CSRF token, but the token is not refreshed for every request or when a user logs out and back in. An attacker could use…

  • CVE-2024-3625 · High · Apr 25, 2024
    risk 0.47 · CVSS 7.3 · EPSS 0.00

    A flaw was found in Quay, where the credentials for Quay's Redis instance are stored in plain text in the config.yaml that mirror-registry renders from its Jinja template. A malicious actor with access to this file can gain access to Quay's Redis instance.

  • CVE-2024-3624 · High · Apr 25, 2024
    risk 0.47 · CVSS 7.3 · EPSS 0.00

    A flaw was found in how Quay's database credentials are stored in plain text in the config.yaml that mirror-registry renders from its Jinja template. A malicious actor with access to this file can gain access to Quay's database.

  • CVE-2023-4956 · Medium · Nov 7, 2023
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    A flaw was found in Quay. Clickjacking is an attack in which transparent or opaque layers are stacked over a page so that a user who intends to click the visible top-level page actually clicks a button or link on a framed page underneath. During the pentest, it was detected that the…

  • CVE-2023-4959 · Medium · Sep 15, 2023
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    A flaw was found in Quay. Cross-site request forgery (CSRF) attacks force a logged-in user to perform unwanted actions in an application. During the pentest, it was detected that the config-editor page, which is used to configure the Quay instance, is vulnerable to CSRF.…

  • CVE-2019-3865 · Medium · Jun 22, 2020
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    A vulnerability was found in quay-2: a stored XSS in the super user function of Quay. Attackers can use the name field of a service key to inject a script that runs when an admin user tries to change the name.

  • CVE-2026-11569 · Medium · Jun 8, 2026
    risk 0.35 · CVSS 5.4 · EPSS 0.00

    A flaw was found in Quay. The filedrop endpoint accepts any MIME type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored…

  • CVE-2023-3384 · Medium · Jul 24, 2023
    risk 0.35 · CVSS 5.4 · EPSS 0.00

    A flaw was found in the Quay registry. Image labels created through Quay are validated both in the UI and in the backend by applying a regex (validation.py), but the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish…

  • CVE-2026-10052 · Medium · May 29, 2026
    risk 0.27 · CVSS 4.1 · EPSS 0.00

    A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can abuse these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform…

  • CVE-2024-5891 · Medium · Jun 12, 2024
    risk 0.27 · CVSS 4.2 · EPSS 0.00

    A vulnerability was found in Quay. If an attacker can obtain the client ID of an application, they can use an OAuth token to authenticate despite not having access to the organization in which the application was created. This issue is limited to authentication and not…

  • CVE-2026-2376 · Medium · Mar 12, 2026
    risk 0.25 · CVSS 4.9 · EPSS 0.00

    A flaw was found in mirror-registry where an authenticated user can make the system reach unintended internal or restricted hosts by supplying crafted URLs. When the application processes such a URL, it automatically follows redirects without…

  • CVE-2026-10078 · Low · May 29, 2026
    risk 0.18 · CVSS 2.7 · EPSS 0.00

    A flaw was found in the Quay config-tool's GitLab OAuth validator. Sensitive credentials, specifically client_id and client_secret, are transmitted in plaintext as URL query parameters in POST requests to the GitLab endpoint. This insecure…
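The three mirror-registry entries above (CVE-2024-3622, CVE-2024-3624, CVE-2024-3625) share one root cause: a rendered config.yaml that carries database and Redis credentials in the clear, plus a template secret that every deployment inherits unchanged. The following audit script is an added example, not code from Quay or mirror-registry; the key names are the documented Quay config keys (SECRET_KEY, DATABASE_SECRET_KEY, DB_URI, BUILDLOGS_REDIS) and the two sample configs are constructed so that they deliberately share one secret.

```python
"""Audit rendered Quay config.yaml files for plaintext credentials and for a
SECRET_KEY / DATABASE_SECRET_KEY that is identical across deployments.

Added example, not code from Quay or mirror-registry. The key names are the
documented Quay config keys; the two sample configs below are constructed
and deliberately share one secret."""
import hashlib
import os
import re
import stat
from urllib.parse import urlsplit

SECRET_KEYS = ("SECRET_KEY", "DATABASE_SECRET_KEY")

# Line-based extraction so the check needs no YAML library. Handles the two
# shapes Quay's config uses: "KEY: value" at top level and an indented
# "field: value" mapping underneath a bare "KEY:" line.
TOP_RE = re.compile(r"^([A-Z_]+):\s*(.*?)\s*$")
NESTED_RE = re.compile(r"^\s+(\w+):\s*(\S.*?)\s*$")


def parse_config(text):
    """Return (top-level scalars, {section: {field: value}})."""
    top, nested, section = {}, {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = TOP_RE.match(line)
        if m:
            key, val = m.groups()
            section = key
            if val:
                top[key] = val.strip("'\"")
            else:
                nested[key] = {}
            continue
        m = NESTED_RE.match(line)
        if m and section in nested:
            nested[section][m.group(1)] = m.group(2).strip("'\"")
    return top, nested


def plaintext_credentials(text):
    """Secrets a reader of this file learns directly (the CVE-2024-3624/-3625 class)."""
    top, nested = parse_config(text)
    findings = []
    if urlsplit(top.get("DB_URI", "")).password:
        findings.append("DB_URI embeds the database password")
    for section, fields in nested.items():
        if section.endswith("_REDIS") and fields.get("password"):
            findings.append(f"{section}.password is plaintext")
    return findings


def shared_secrets(configs):
    """Secret keys whose value is byte-identical in more than one deployment
    (the CVE-2024-3622 class: a default copied from the template everywhere).
    Input is {deployment_name: config_text}; values are compared by digest."""
    groups = {}
    for name, text in configs.items():
        top, _ = parse_config(text)
        for key in SECRET_KEYS:
            if key in top:
                digest = hashlib.sha256(top[key].encode()).hexdigest()
                groups.setdefault((key, digest), []).append(name)
    return {key: sorted(names) for (key, _), names in groups.items() if len(names) > 1}


def readable_by_others(path):
    """True if group or world can read the file, i.e. the plaintext secrets in
    it are exposed to any local account, not just the Quay service user."""
    return bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))


# Constructed samples: both deployments kept the template's SECRET_KEY.
SITE_A = """\
SECRET_KEY: "template-default-secret"
DATABASE_SECRET_KEY: "template-default-secret"
DB_URI: postgresql://quayuser:quaypass@postgres.internal:5432/quay
BUILDLOGS_REDIS:
  host: redis.internal
  port: 6379
  password: redispass
"""
SITE_B = """\
SECRET_KEY: "template-default-secret"
DATABASE_SECRET_KEY: "rotated-per-site-value"
DB_URI: postgresql://quayuser@postgres.internal:5432/quay
BUILDLOGS_REDIS:
  host: redis.internal
  port: 6379
"""

if __name__ == "__main__":
    print(plaintext_credentials(SITE_A))
    print(shared_secrets({"site-a": SITE_A, "site-b": SITE_B}))
```

The plaintext findings are expected on a working Quay config (the process has to read its own credentials somehow); the actionable checks are the shared-secret report, which is the fingerprint of an unrotated template default, and readable_by_others(), which says whether that plaintext is confined to the service account.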
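CVE-2019-3864 and CVE-2023-4959 both come down to how a CSRF token is bound to a session. The contrast below is an added example, not Quay code: a per-user token that is recomputed on every request (so it never changes and survives logout and re-login, the property the CVE-2019-3864 entry criticises) next to a random per-session token that is minted on login and discarded on logout. The class names, the in-memory store and the server secret are this example's own.

```python
"""Per-session CSRF tokens that are rotated on login and die with the session,
contrasted with a per-user, never-rotated token. Added example, not Quay
code; the scheme, names and in-memory session store are this example's own."""
import hmac
import secrets

SERVER_SECRET = secrets.token_bytes(32)  # constructed; a real app loads this from config


class StaticTokenSessions:
    """Vulnerable shape: the token is derived from the user name only, so it is
    identical in every request and after logout/login. Anyone who captured it
    once can replay it for as long as the user exists."""

    def login(self, user):
        return user  # the "session id" is just the user name

    def csrf_token(self, sid):
        return hmac.new(SERVER_SECRET, sid.encode(), "sha256").hexdigest()

    def logout(self, sid):
        pass  # nothing to invalidate

    def verify(self, sid, token):
        return hmac.compare_digest(token, self.csrf_token(sid))


class PerSessionTokenSessions:
    """Hardened shape: a fresh random token is stored with each session and is
    looked up rather than recomputed, so it cannot outlive the session."""

    def __init__(self):
        self._sessions = {}

    def login(self, user):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def csrf_token(self, sid):
        return self._sessions[sid]["csrf"]

    def logout(self, sid):
        self._sessions.pop(sid, None)

    def verify(self, sid, token):
        sess = self._sessions.get(sid)
        return sess is not None and hmac.compare_digest(token, sess["csrf"])


def token_survives_relogin(store):
    """Capture a token, log out, log back in as the same user and report whether
    the old token is still accepted. True is the flaw described above."""
    sid = store.login("admin")
    old_token = store.csrf_token(sid)
    store.logout(sid)
    return store.verify(store.login("admin"), old_token)


def token_dies_with_session(store):
    """Report whether logging out alone is enough to retire the token."""
    sid = store.login("admin")
    token = store.csrf_token(sid)
    accepted_before = store.verify(sid, token)
    store.logout(sid)
    return accepted_before and not store.verify(sid, token)
```

For a page like the config-editor, which can rewrite the whole instance configuration, the per-session token should additionally be required on every state-changing request and checked with a constant-time comparison, as verify() does; rotating it on login is what closes the replay window the CVE-2019-3864 entry describes.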
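The CVE-2026-11569 entry names two mistakes an upload endpoint can make: trusting the client's MIME type, and serving the stored bytes inline under the registry's origin. The following is an added example, not Quay's filedrop code: it decides from the bytes alone what a file is, refuses SVGs that carry script-capable elements or attributes, and emits the response headers that keep any accepted SVG from executing as a page. The decision shape (accept / content_type / headers / reasons) and the sample files are this example's own.

```python
"""Content-based validation for an upload endpoint that used to trust the
client's MIME type: sniff the bytes, refuse SVGs with active content, and
serve surviving SVGs as attachments with a no-script CSP. Added example,
not Quay code; the decision shape and the samples are this example's own."""
import xml.etree.ElementTree as ET

RASTER_MAGIC = {
    "image/png": b"\x89PNG\r\n\x1a\n",
    "image/jpeg": b"\xff\xd8\xff",
    "image/gif": b"GIF8",
}
SCRIPTABLE_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}
SCRIPT_SCHEMES = ("javascript:", "data:text/html", "vbscript:")


def sniff_raster(data):
    """Return the raster MIME type implied by the magic bytes, or None."""
    for ctype, magic in RASTER_MAGIC.items():
        if data.startswith(magic):
            return ctype
    return None


def svg_active_content(data):
    """List the ways this document could run script; empty means none found.
    The stdlib parser does not fetch external entities, but untrusted XML
    should still be size-limited before it reaches this function."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    reasons = []
    if root.tag.split("}")[-1].lower() != "svg":
        reasons.append("root element is not <svg>")
    for el in root.iter():
        tag = el.tag.split("}")[-1].lower()        # drop the namespace prefix
        if tag in SCRIPTABLE_TAGS:
            reasons.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            local = attr.split("}")[-1].lower()    # xlink:href -> href
            if local.startswith("on"):
                reasons.append(f"{local} handler on <{tag}>")
            elif local == "href" and value.strip().lower().startswith(SCRIPT_SCHEMES):
                reasons.append(f"href with script scheme on <{tag}>")
    return reasons


def serving_headers(content_type, filename):
    """Headers that stop a stored file from running as a page in the
    registry's origin even when a CDN serves it directly."""
    headers = {"Content-Type": content_type, "X-Content-Type-Options": "nosniff"}
    if content_type == "image/svg+xml":
        headers["Content-Disposition"] = f'attachment; filename="{filename}"'
        headers["Content-Security-Policy"] = "sandbox; default-src 'none'; style-src 'unsafe-inline'"
    else:
        headers["Content-Disposition"] = f'inline; filename="{filename}"'
    return headers


def classify_upload(data, filename="upload"):
    """Decide from the bytes alone (the declared MIME type is ignored on
    purpose) whether to store the file and how it must be served."""
    raster = sniff_raster(data)
    if raster:
        return {"accept": True, "content_type": raster,
                "headers": serving_headers(raster, filename), "reasons": []}
    if data.lstrip().startswith((b"<?xml", b"<svg")):
        reasons = svg_active_content(data)
        if reasons:
            return {"accept": False, "content_type": None, "headers": {}, "reasons": reasons}
        return {"accept": True, "content_type": "image/svg+xml",
                "headers": serving_headers("image/svg+xml", filename), "reasons": []}
    return {"accept": False, "content_type": None, "headers": {},
            "reasons": ["content is not a recognised image format"]}


# Constructed samples.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="4"/></svg>'
EVIL_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)">'
            b'<script>fetch("/api/v1/user/")</script></svg>')
PNG_STUB = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
```

The element and attribute lists are deliberately short; a production filter would either use a maintained SVG sanitizer or rasterize the upload. The headers matter independently of the filter: if the CDN in front of the registry rewrites or drops Content-Disposition and Content-Security-Policy, the sanitizer becomes the only control, so the CDN configuration should be checked to pass them through unchanged.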
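CVE-2026-10052 (config-tool LDAP/SMTP validators with no host filtering) and CVE-2026-2376 (mirror-registry following redirects blindly) are the two halves of the same SSRF pattern: a "validate this endpoint" feature that connects wherever it is told. The guard below is an added example, not Quay's config-tool or mirror-registry code. It resolves the target, refuses any non-public address (including IPv4-mapped IPv6 and link-local, where cloud metadata services live), and follows redirects by hand so that every hop is checked again. The fake resolver, fake HTTP responses and host names at the bottom are constructed so the example runs offline; 93.184.216.34 is only a placeholder public address.

```python
"""Guarding outbound "validate this endpoint" calls: resolve the target,
reject anything that is not a public address, and re-check every redirect
hop instead of letting the HTTP client follow it. Added example, not Quay
code; the fake DNS/HTTP stand-ins at the bottom are constructed."""
import ipaddress
import socket
from urllib.parse import urljoin, urlsplit

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def is_public_ip(text):
    """True only for globally routable unicast addresses. IPv4-mapped IPv6 is
    unwrapped first so ::ffff:10.0.0.1 cannot bypass the IPv4 rules."""
    ip = ipaddress.ip_address(text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not ip.is_multicast


def resolve_public(host, port, resolver=socket.getaddrinfo):
    """Resolve host (or accept an IP literal) and return its addresses, raising
    if any one of them is non-public: a name with a single private record is
    enough to reach the internal network."""
    try:
        addrs = [str(ipaddress.ip_address(host))]
    except ValueError:
        addrs = sorted({info[4][0] for info in resolver(host, port, proto=socket.IPPROTO_TCP)})
    bad = [a for a in addrs if not is_public_ip(a)]
    if not addrs or bad:
        raise ValueError(f"{host!r} resolves to non-public address(es) {bad}")
    return addrs


def fetch_checked(url, fetch, resolver=socket.getaddrinfo, max_hops=3):
    """Fetch url, following at most max_hops redirects and validating the host
    of every hop. fetch(url) must not follow redirects itself and returns
    (status, headers)."""
    for _ in range(max_hops + 1):
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            raise ValueError(f"unsupported URL {url!r}")
        port = parts.port or (443 if parts.scheme == "https" else 80)
        resolve_public(parts.hostname, port, resolver)
        status, headers = fetch(url)
        if status not in REDIRECT_STATUSES:
            return url, status
        url = urljoin(url, headers["location"])
    raise ValueError("too many redirects")


def validation_error(url, fetch, resolver=socket.getaddrinfo):
    """None if the endpoint may be contacted, otherwise the reason it was refused."""
    try:
        fetch_checked(url, fetch, resolver)
    except (ValueError, OSError) as exc:
        return str(exc)
    return None


# Constructed offline stand-ins for DNS and HTTP. The host names are fictional
# and 93.184.216.34 is just a placeholder public address.
FAKE_DNS = {"registry.example.com": ["93.184.216.34"],
            "evil.example.net": ["93.184.216.34", "10.0.0.5"]}
FAKE_HTTP = {
    "https://registry.example.com/v2/": (200, {}),
    # An attacker-controlled path bouncing the validator to the cloud metadata service.
    "https://registry.example.com/redirect": (302, {"location": "http://169.254.169.254/latest/meta-data/"}),
}


def fake_resolver(host, port, proto=0):
    if host not in FAKE_DNS:
        raise OSError(f"unknown host {host!r}")
    return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (ip, port)) for ip in FAKE_DNS[host]]


def fake_fetch(url):
    return FAKE_HTTP.get(url, (404, {}))
```

Two caveats a reviewer would raise: the check and the connection must use the same address (a resolver that returns a public record for the check and a private one for the connect, DNS rebinding, defeats a check-then-connect sequence, so pin the connection to the address returned by resolve_public), and the same rule has to be applied to whatever the LDAP and SMTP clients resolve, not only to HTTP, because those validators open sockets of their own.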