redhat quay
29 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-32591
all versions
A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream re
5.2
MEDIUM
CVE-2026-32590
all versions
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate dat
7.1
HIGH
CVE-2026-32589
all versions
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the
7.4
HIGH
CVE-2026-2377
all versions
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web a
6.5
MEDIUM
CVE-2025-4374
<= 3.14.0
A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored
6.5
MEDIUM
CVE-2024-9683
all versions
A vulnerability was found in Quay, which allows successful authentication even when a truncated password version is provided. This
4.8
MEDIUM
CVE-2024-5891
all versions
A vulnerability was found in Quay. If an attacker can obtain the client ID for an application, they can use an OAuth token to auth
4.2
MEDIUM
CVE-2023-4956
all versions
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clickin
6.5
MEDIUM
CVE-2023-44487
all versions
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5
HIGH
CVE-2023-4959
all versions
A flaw was found in Quay. Cross-site request forgery (CSRF) attacks force a user to perform unwanted actions in an application. Du
6.5
MEDIUM
CVE-2023-3384
all versions
A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend b
5.4
MEDIUM
CVE-2020-10735
all versions
A flaw was found in Python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system
7.5
HIGH
CVE-2022-2447
all versions
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a
6.6
MEDIUM
CVE-2022-1227
all versions
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. O
8.8
HIGH
CVE-2021-3762
all versions
A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafte
9.8
CRITICAL
CVE-2020-27832
>= 3.0.0 and < 3.3.2
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository'
9.0
CRITICAL
CVE-2020-27831
>= 3.0.0 and < 3.3.3
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for
4.3
MEDIUM
CVE-2019-3867
all versions
A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gai
4.1
MEDIUM
CVE-2020-14313
< 3.3.1
An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can c
4.3
MEDIUM
CVE-2019-3865
all versions
A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers
6.1
MEDIUM
CVE-2019-3864
< 3.0.0
A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specifi
8.8
HIGH
CVE-2019-10205
all versions
A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker able to perform database queries i
6.3
MEDIUM
CVE-2019-9518
all versions
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker se
7.5
HIGH
CVE-2019-9517
all versions
Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service. Th
7.5
HIGH
CVE-2019-9516
all versions
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stre
6.5
MEDIUM
CVE-2019-9515
all versions
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a s
7.5
HIGH
CVE-2019-9514
all versions
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a numb
7.5
HIGH
CVE-2019-9513
all versions
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates mul
7.5
HIGH
CVE-2019-9511
all versions
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading
7.5
HIGH
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin