293 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.21.1 security update
Important: Red Hat OpenShift GitOps v1.21.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-10083 RC 1.21.0-7: Missing permission for web-based terminal in Argocd UI GITOPS-10178 OpenShift GitOps operator v1.21.0 breaks Redis-HA...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.5 security update
Important: Red Hat OpenShift GitOps v1.20.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9568 GitOps operator propagates argo CD tracking annotations to dynamic roleBindings GITOPS-9971 Image Updater Self-hosted Quay images redirect t...
Important: Red Hat Security Advisory: Red Hat Quay 3.10.23
Red Hat Quay 3.10.23 is now available with bug fixes. Quay 3.10.23...
Important: Red Hat Security Advisory: Red Hat Quay 3.12.19
Red Hat Quay 3.12.19 is now available with bug fixes. Quay 3.12.19...
Important: Red Hat Security Advisory: Red Hat Quay 3.9.23
Red Hat Quay 3.9.23 is now available with bug fixes. Quay 3.9.23...
Important: Red Hat Security Advisory: Red Hat Quay 3.15.5
Red Hat Quay 3.15.5 is now available with bug fixes. Quay 3.15.5...
Important: Red Hat Security Advisory: Red Hat Quay 3.17.3
Red Hat Quay 3.17.3 is now available with bug fixes. Quay 3.17.3...
CVE-2026-11569
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
CVE-2026-11569 Quay: quay: stored xss via filedrop svg upload
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
CVE-2026-11569
CVE-2026-11569 affects Quay: the filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG containing JavaScript. The file is stored and served inline via the CDN, enabling stored XSS when a victim visits the ...
CVE-2026-11569
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
EUVD-2026-35044
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
CVE-2026-11569 Quay: quay: stored xss via filedrop svg upload
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
CVE-2026-11569
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
PT-2026-47274
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
Red Hat Quay 跨站脚本漏洞
Red Hat Quay is a container image repository platform operated by the American company Red Hat. Red Hat Quay has a cross-site scripting vulnerability. This vulnerability stems from the lack of validation of MIME types at the filedrop endpoint. It may allow authenticated users with write permissio...
Important: Red Hat Security Advisory: Red Hat Quay 3.9.22
Red Hat Quay 3.9.22 is now available with bug fixes. Quay 3.9.22...
Important: Red Hat Security Advisory: Red Hat Quay 3.10.22
Red Hat Quay 3.10.22 is now available with bug fixes. Quay 3.10.22...
Important: Red Hat Security Advisory: Red Hat Quay 3.12.18
Red Hat Quay 3.12.18 is now available with bug fixes. Quay 3.12.18...
Important: Red Hat Security Advisory: Red Hat Quay 3.17.2
Red Hat Quay 3.17.2 is now available with bug fixes. Quay 3.17.2...