Red Hat Quay doesn't properly protect the authorization token when authorizing an email address for repository email notifications. An attacker can use this flaw to add an email address which they don't own to repository notifications.
Upstream commit: https://github.com/quay/quay/pull/614
Acknowledgments: Name: Chen Cohen (eBay)
Mitigation: Disable email using the configuration app.
This issue has been addressed in the following products: Red Hat Quay 3, via RHSA-2021:0050 https://access.redhat.com/errata/RHSA-2021:0050
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27831