Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatQuay

4 matches found

CVE
CVEadded 2021/05/27 12:15 a.m.82 views

CVE-2020-27831

A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.

4.3CVSS4.4AI score0.00127EPSS
CVE
CVEadded 2024/06/12 2:15 p.m.77 views

CVE-2024-5891

A vulnerability was found in Quay. If an attacker can obtain the client ID for an application, they can use an OAuth token to authenticate despite not having access to the organization from which the application was created. This issue is limited to authentication and not authorization. However, in...

4.2CVSS4.3AI score0.00086EPSS
CVE
CVEadded 2020/08/11 2:15 p.m.59 views

CVE-2020-14313

An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can create a build trigger in a repository, to disclose the names of robot accounts and the existence of private repositories within any namespace.

4.3CVSS4.1AI score0.00189EPSS
CVE
CVEadded 2021/03/18 7:15 p.m.57 views

CVE-2019-3867

A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue.

4.4CVSS4.6AI score0.00108EPSS