CVE-2026-10078: Use of HTTP Request With Sensitive Query String in Red Hat Red Hat Quay 3
CVE-2026-10078 is a vulnerability in Red Hat Quay 3's config-tool GitLab OAuth validator where sensitive credentials (client_id and client_secret) are sent in plaintext within URL query parameters during POST requests. This insecure transmission can expose these credentials in various logs such as server access logs and reverse proxy logs. An attacker with access to these logs could obtain these credentials, leading to unauthorized information disclosure. The CVSS score is low (2. 7), reflecting limited impact and requiring high privileges to exploit. No official patch or remediation level has been confirmed by Red Hat as of the advisory date.
AI Analysis
Technical Summary
The vulnerability involves the transmission of sensitive OAuth credentials (client_id and client_secret) in the URL query string during POST requests to the GitLab endpoint by the Quay config-tool's GitLab OAuth validator in Red Hat Quay 3. Because URLs and their query parameters are commonly logged by servers and proxies, this practice risks exposing these credentials in plaintext within logs. The CVSS 3.1 base score is 2.7, indicating a low severity issue with network attack vector, low complexity, and requiring high privileges. No official fix or patch is currently documented in the vendor advisory.
Potential Impact
The primary impact is the potential unauthorized disclosure of sensitive OAuth credentials if an attacker gains access to system or proxy logs containing the plaintext query strings. This could lead to credential compromise and unauthorized access to GitLab OAuth-protected resources. However, exploitation requires access to logs and high privileges, limiting the overall risk. There is no indication of direct impact on system integrity or availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-10078 for current remediation guidance. Until an official fix is available, organizations should minimize log exposure of URLs containing sensitive query parameters, restrict access to logs, and consider alternative OAuth validation configurations that do not transmit credentials in query strings.
CVE-2026-10078: Use of HTTP Request With Sensitive Query String in Red Hat Red Hat Quay 3
Description
CVE-2026-10078 is a vulnerability in Red Hat Quay 3's config-tool GitLab OAuth validator where sensitive credentials (client_id and client_secret) are sent in plaintext within URL query parameters during POST requests. This insecure transmission can expose these credentials in various logs such as server access logs and reverse proxy logs. An attacker with access to these logs could obtain these credentials, leading to unauthorized information disclosure. The CVSS score is low (2. 7), reflecting limited impact and requiring high privileges to exploit. No official patch or remediation level has been confirmed by Red Hat as of the advisory date.
CVSS v3.1
Score 2.7low
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability involves the transmission of sensitive OAuth credentials (client_id and client_secret) in the URL query string during POST requests to the GitLab endpoint by the Quay config-tool's GitLab OAuth validator in Red Hat Quay 3. Because URLs and their query parameters are commonly logged by servers and proxies, this practice risks exposing these credentials in plaintext within logs. The CVSS 3.1 base score is 2.7, indicating a low severity issue with network attack vector, low complexity, and requiring high privileges. No official fix or patch is currently documented in the vendor advisory.
Potential Impact
The primary impact is the potential unauthorized disclosure of sensitive OAuth credentials if an attacker gains access to system or proxy logs containing the plaintext query strings. This could lead to credential compromise and unauthorized access to GitLab OAuth-protected resources. However, exploitation requires access to logs and high privileges, limiting the overall risk. There is no indication of direct impact on system integrity or availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-10078 for current remediation guidance. Until an official fix is available, organizations should minimize log exposure of URLs containing sensitive query parameters, restrict access to logs, and consider alternative OAuth validation configurations that do not transmit credentials in query strings.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-05-29T08:57:06.499Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-10078","vendor":"Red Hat"}]
Threat ID: 6a196b7ee29bf47b50da1b8d
Added to database: 5/29/2026, 10:33:34 AM
Last enriched: 5/29/2026, 10:49:04 AM
Last updated: 5/29/2026, 3:31:19 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.