PT-2020-2293 · Red Hat · Red Hat Quay

Sean Smith · Published 2020-01-02 · Updated 2023-02-12 · CVE-2019-10205

CVSS v2.0 6.4 Medium

Vector AV:L/AC:L/Au:S/C:P/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Red Hat Quay (affected versions not specified)

Description

A flaw in Red Hat Quay allows robot account tokens to be stored in plain text. This could enable an attacker, who can perform database queries in the Red Hat Quay database, to use these tokens and access container images stored in the registry, potentially allowing them to read or write these images. The issue is related to insufficient protection of registration data, which could allow an attacker to bypass container protection.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insufficiently Protected Credentials

Related Identifiers

BDU:2020-02261
CVE-2019-10205

Affected Products

Red Hat Quay