Lucene search

K
redhatRedHatRHSA-2021:3917
HistoryOct 19, 2021 - 12:05 p.m.

(RHSA-2021:3917) Important: Red Hat Quay v3.6.0 security, bug fix and enhancement update

2021-10-1912:05:33
access.redhat.com
21

0.01 Low

EPSS

Percentile

83.9%

Quay 3.6.0 release

Security Fix(es):

  • nodejs-url-parse: incorrect hostname in url parsing (CVE-2018-3774)

  • python-pillow: insufficent fix for CVE-2020-35654 due to incorrect error checking in TiffDecode.c (CVE-2021-25289)

  • nodejs-urijs: mishandling certain uses of backslash may lead to confidentiality compromise (CVE-2021-27516)

  • nodejs-debug: Regular expression Denial of Service (CVE-2017-16137)

  • nodejs-mime: Regular expression Denial of Service (CVE-2017-16138)

  • nodejs-is-my-json-valid: ReDoS when validating JSON fields with email format (CVE-2018-1107)

  • nodejs-extend: Prototype pollution can allow attackers to modify object properties (CVE-2018-16492)

  • nodejs-stringstream: out-of-bounds read leading to uninitialized memory exposure (CVE-2018-21270)

  • nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution (CVE-2019-20920)

  • nodejs-handlebars: an endless loop while processing specially-crafted templates leads to DoS (CVE-2019-20922)

  • nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)

  • nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)

  • nodejs-highlight-js: prototype pollution via a crafted HTML code block (CVE-2020-26237)

  • urijs: Hostname spoofing via backslashes in URL (CVE-2020-26291)

  • python-pillow: decoding crafted YCbCr files could result in heap-based buffer overflow (CVE-2020-35654)

  • browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) (CVE-2021-23364)

  • nodejs-postcss: Regular expression denial of service during source map parsing (CVE-2021-23368)

  • nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js (CVE-2021-23382)

  • python-pillow: negative-offset memcpy with an invalid size in TiffDecode.c (CVE-2021-25290)

  • python-pillow: out-of-bounds read in TiffReadRGBATile in TiffDecode.c (CVE-2021-25291)

  • python-pillow: backtracking regex in PDF parser could be used as a DOS attack (CVE-2021-25292)

  • python-pillow: out-of-bounds read in SGIRleDecode.c (CVE-2021-25293)

  • nodejs-url-parse: mishandling certain uses of backslash may lead to confidentiality compromise (CVE-2021-27515)

  • python-pillow: reported size of a contained image is not properly checked for a BLP container (CVE-2021-27921)

  • python-pillow: reported size of a contained image is not properly checked for an ICNS container (CVE-2021-27922)

  • python-pillow: reported size of a contained image is not properly checked for an ICO container (CVE-2021-27923)

  • python-pillow: buffer overflow in Convert.c because it allow an attacker to pass controlled parameters directly into a convert function (CVE-2021-34552)

  • nodejs-braces: Regular Expression Denial of Service (ReDoS) in lib/parsers.js (CVE-2018-1109)

  • lodash: Prototype pollution in utilities function (CVE-2018-3721)

  • hoek: Prototype pollution in utilities function (CVE-2018-3728)

  • lodash: uncontrolled resource consumption in Data handler causing denial of service (CVE-2019-1010266)

  • nodejs-yargs-parser: prototype pollution vulnerability (CVE-2020-7608)

  • python-pillow: decoding a crafted PCX file could result in buffer over-read (CVE-2020-35653)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.