Description
Currently, Quay will not limit pulling of images based on CVE status. It will allow pulls of container images regardless of how many CVEs the image has, it's up to the user to decide whether he or she wants to pull that image.
This ability would allow us to set a threshold after which image pulls would be disabled by the registry. This is something that Nexus and Harbor are already doing.
Is this something that's feasible for Quay?