Security Advisory

CVE-2025-4374

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-06 14:49:28

Last updated 2026-02-27 16:40:01

Assigner redhat

State PUBLISHED

Description

A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasnt been mirrored yet, they are granted "Admin" permissions on the newly created repository.

← Browse all CVEs View on cve.org ↗