EUVD-2019-13481

Malware in sbrugna...

Red Hat Quay 安全漏洞

Red Hat Quay is a distributed container image repository from Red Hat USA that is used to build, distribute and deploy containers. A security vulnerability exists in Red Hat Quay that stems from allowing successful authentication using a truncated version of a password...

1Panel vulnerable to command injection when adding container repositories

Impact The authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. 1. Vulnerability analysis. backend\app\api\v1\imagerepo.gocreate backend\app\service\imagerepo.goCheckConn 2. vulnerability reproduction. POST /api/v1/containers/repo...

1Panel 命令注入漏洞

1Panel is an open source Linux server operations and management panel for the Chinese 1panel community. A command injection vulnerability exists in versions prior to 1.3.6 of 1Panel. The vulnerability stems from the fact that an authenticated attacker can craft a malicious load to enable command...

CVE-2019-3867

A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue...

Session fixation

A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue...

CVE-2019-3867

A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Mitigation Toggle FEATUREPERMANENTSESSIONS to False in quay.conf...