CVE-2022-2447
https://notcve.org/view.php?id=CVE-2022-2447
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected. Se ha encontrado un fallo en Keystone. Hay un desfase (de hasta una hora en una configuración por defecto) entre el momento en que la política de seguridad dice que un token debe ser revocado y el momento en que realmente lo es. • https://access.redhat.com/security/cve/CVE-2022-2447 https://bugzilla.redhat.com/show_bug.cgi?id=2105419 • CWE-324: Use of a Key Past its Expiration Date CWE-672: Operation on a Resource after Expiration or Release •
CVE-2022-1227 – psgo: Privilege escalation in 'podman top'
https://notcve.org/view.php?id=CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. Se ha encontrado un fallo de escalada de privilegios en Podman. • https://bugzilla.redhat.com/show_bug.cgi?id=2070368 https://github.com/containers/podman/issues/10941 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://security.netapp.com/advisory/ntap-20240628-0001 https://access.redhat.com/security/cve/CVE-2022-1227 • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions •
CVE-2021-3762 – quay/claircore: directory traversal when scanning crafted container image layer allows for arbitrary file write
https://notcve.org/view.php?id=CVE-2021-3762
A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution. Se ha encontrado una vulnerabilidad de salto de directorio en el motor ClairCore de Clair. Un atacante puede explotar esto al suministrar una imagen de contenedor diseñada que, cuando es escaneada por Clair, permite una escritura de archivos arbitrarios en el sistema de archivos, permitiendo potencialmente una ejecución de código remota • https://bugzilla.redhat.com/show_bug.cgi?id=2000795 https://github.com/quay/clair/pull/1379 https://github.com/quay/clair/pull/1380 https://github.com/quay/claircore/commit/691f2023a1720a0579e688b69a2f4bfe1f4b7821 https://github.com/quay/claircore/pull/478 https://vulmon.com/exploitdetails?qidtp=maillist_oss_security&qid=d19fce9ede06e13dfb5630ece7f14f83 https://access.redhat.com/security/cve/CVE-2021-3762 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-27832 – quay: persistent XSS in repository notification display
https://notcve.org/view.php?id=CVE-2020-27832
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo en Red Hat Quay, donde presenta una vulnerabilidad de tipo Cross-site Scripting (XSS) persistente cuando se muestra la notificación de un repositorio. Este fallo permite a un atacante engañar a un usuario para llevar a cabo una acción maliciosa para suplantar al usuario objetivo. • https://bugzilla.redhat.com/show_bug.cgi?id=1905784 https://access.redhat.com/security/cve/CVE-2020-27832 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-27831 – quay: email notifications authorization bypass
https://notcve.org/view.php?id=CVE-2020-27831
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications. Se encontró un fallo en Red Hat Quay, donde no protege apropiadamente el token de autorización cuando se autorizan direcciones de correo electrónico para notificaciones de correo electrónico del repositorio. Este fallo permite a un atacante agregar direcciones de correo electrónico que no son de su propiedad a las notificaciones del repositorio • https://bugzilla.redhat.com/show_bug.cgi?id=1905758 https://access.redhat.com/security/cve/CVE-2020-27831 • CWE-284: Improper Access Control CWE-522: Insufficiently Protected Credentials •