13 matches found
EUVD-2024-50089
Malicious code in bioql PyPI...
EUVD-2023-54795
Malicious code in bioql PyPI...
EUVD-2023-54792
Malicious code in bioql PyPI...
EUVD-2024-32202
Malicious code in bioql PyPI...
EUVD-2024-47026
Malicious code in bioql PyPI...
CVE-2025-4374
A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository...
CVE-2025-4374 Quay: incorrect privilege assignment
A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository...
PT-2025-19956 · Quay · Quay
Name of the Vulnerable Software and Affected Versions: Quay affected versions not specified Description: A flaw was found in Quay where an organization acting as a proxy cache grants "Admin" permissions on a newly created repository when a user or robot pulls an image that hasn't been mirrored ye...
CVE-2024-5891
A vulnerability was found in Quay. If an attacker can obtain the client ID for an application, they can use an OAuth token to authenticate despite not having access to the organization from which the application was created. This issue is limited to authentication and not authorization. However, ...
PT-2024-3594 · Quay · Quay
Name of the Vulnerable Software and Affected Versions: Quay affected versions not specified Description: The issue is related to the storage of critical information in plain text, which can be exploited by a remote attacker to create session cookies and gain unauthorized access to the affected Qu...
PT-2024-3592
Name of the Vulnerable Software and Affected Versions Quay affected versions not specified Description A flaw was found in Quay when using mirror-registry to install it, where a default database secret key is used and stored in plain-text format in a configuration template file. This issue may le...
Red Hat Quay Security Vulnerability
Red Hat Quay is a distributed container image repository from Red Hat, Inc. that is used to build, distribute and deploy containers. Red Hat Quay suffers from a security vulnerability that stems from the vulnerability of config-editor pages to clickjacking attacks. An attacker can exploit this...
PT-2020-10922 · Red Hat · Quay
Name of the Vulnerable Software and Affected Versions: quay-2 affected versions not specified Description: A stored XSS issue has been found in the super user function of quay, allowing attackers to inject scripts via the name field of the service key. These scripts can run when admin users attem...