
CVE-2020-10735 – python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
https://notcve.org/view.php?id=CVE-2020-10735
09 Sep 2022 — A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability. • http://www.openwall.com/lists/oss-security/2022/09/21/1 • CWE-400: Uncontrolled Resource Consumption CWE-704: Incorrect Type Conversion or Cast

CVE-2022-2447
https://notcve.org/view.php?id=CVE-2022-2447
01 Sep 2022 — A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked and when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected. • https://access.redhat.com/security/cve/CVE-2022-2447 • CWE-324: Use of a Key Past its Expiration Date CWE-672: Operation on a Resource after Expiration or Release

CVE-2022-1227 – psgo: Privilege escalation in 'podman top'
https://notcve.org/view.php?id=CVE-2022-1227
29 Apr 2022 — A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. • https://github.com/iridium-soda/CVE-2022-1227_Exploit • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions

CVE-2021-3762 – quay/claircore: directory traversal when scanning crafted container image layer allows for arbitrary file write
https://notcve.org/view.php?id=CVE-2021-3762
03 Mar 2022 — A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution. • https://bugzilla.redhat.com/show_bug.cgi?id=2000795 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2019-3867
https://notcve.org/view.php?id=CVE-2019-3867
18 Mar 2021 — A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue. • https://bugzilla.redhat.com/show_bug.cgi?id=1772704 • CWE-613: Insufficient Session Expiration

CVE-2020-27831 – quay: email notifications authorization bypass
https://notcve.org/view.php?id=CVE-2020-27831
11 Jan 2021 — A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications. • https://bugzilla.redhat.com/show_bug.cgi?id=1905758 • CWE-284: Improper Access Control CWE-522: Insufficiently Protected Credentials

CVE-2020-27832 – quay: persistent XSS in repository notification display
https://notcve.org/view.php?id=CVE-2020-27832
11 Jan 2021 — A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1905784 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2020-14313 – quay: build triggers can disclose robot account names and existence of private repos within namespaces
https://notcve.org/view.php?id=CVE-2020-14313
11 Aug 2020 — An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can create a build trigger in a repository, to disclose the names of robot accounts and the existence of private repositories within any namespace. • https://bugzilla.redhat.com/show_bug.cgi?id=1853026 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2019-3865
https://notcve.org/view.php?id=CVE-2019-3865
22 Jun 2020 — A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name field of service key to inject scripts and make it run when admin users try to change the name. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3865 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2019-3864
https://notcve.org/view.php?id=CVE-2019-3864
21 Jan 2020 — A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3864 • CWE-352: Cross-Site Request Forgery (CSRF)