12 matches found
EUVD-2026-20515
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...
CVE-2026-32590
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...
CVE-2026-32590 Mirror-registry: remote code execution using pickle deserialization
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...
CVE-2026-32590 Mirror-registry: remote code execution using pickle deserialization
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...
CVE-2026-32590
CVE-2026-32590 affects Red Hat Quay and relates to the handling of resumable container image layer uploads. The vulnerability stems from how intermediate upload data is stored in the database: if this data is tampered with, an attacker could trigger arbitrary code execution on the Quay server (re...
CVE-2026-32590
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...
CVE-2026-32590
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...
PT-2026-31342
Name of the Vulnerable Software and Affected Versions Red Hat Quay affected versions not specified Description A flaw exists in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database in a format that, if manipulated, could...
GHSA-QQMV-5P3G-PX89 Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite
Summary Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directusfile...
Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite
Summary Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directusfile...
Incorrect Authorization
Overview directus is a Directus is a real-time API and App dashboard for managing SQL database content. Affected versions of this package are vulnerable to Incorrect Authorization in the TUS upload process. An attacker can overwrite arbitrary files and corrupt metadata by uploading files with the...
Tusdotnet 加密问题漏洞
Tusdotnet is a .Net server implementation of the Tus protocol for resumable file uploads. A security vulnerability exists in tusdotnet version 2.5.0 and earlier, which stems from the client's reliance on SHA-1 to prevent spoofing of file contents...