
CVE-2023-4956 – Quay: clickjacking on config-editor page severity
https://notcve.org/view.php?id=CVE-2023-4956
07 Nov 2023 — A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerable to clickjacking. This flaw allows an attacker to trick an administrator user into clicking on buttons on the config-editor panel, possibly reconfiguring some parts of the Quay instance. • https://access.redhat.com/security/cve/CVE-2023-4956 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •

CVE-2023-4959 – Quay: cross-site request forgery (csrf) on config-editor page
https://notcve.org/view.php?id=CVE-2023-4959
15 Sep 2023 — A flaw was found in Quay. Cross-site request forgery (CSRF) attacks force a user to perform unwanted actions in an application. During the pentest, it was detected that the config-editor page is vulnerable to CSRF. The config-editor page is used to configure the Quay instance. By coercing the victim’s browser into sending an attacker-controlled request from another domain, it is possible to reconfigure the Quay instance (including adding users with admin privileges). • https://access.redhat.com/security/cve/CVE-2023-4959 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2023-3384 – Quay: stored cross site scripting
https://notcve.org/view.php?id=CVE-2023-3384
24 Jul 2023 — A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend by applying a regex (validation.py), the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish a malicious image to a public registry containing a script that can be executed via Cross-site scripting (XSS). • https://access.redhat.com/security/cve/CVE-2023-3384 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2020-10735 – python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
https://notcve.org/view.php?id=CVE-2020-10735
09 Sep 2022 — A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability. • http://www.openwall.com/lists/oss-security/2022/09/21/1 • CWE-400: Uncontrolled Resource Consumption CWE-704: Incorrect Type Conversion or Cast •

CVE-2022-2447
https://notcve.org/view.php?id=CVE-2022-2447
01 Sep 2022 — A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked and when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected. • https://access.redhat.com/security/cve/CVE-2022-2447 • CWE-324: Use of a Key Past its Expiration Date CWE-672: Operation on a Resource after Expiration or Release •

CVE-2022-1227 – psgo: Privilege escalation in 'podman top'
https://notcve.org/view.php?id=CVE-2022-1227
29 Apr 2022 — A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. • https://github.com/iridium-soda/CVE-2022-1227_Exploit • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions •

CVE-2019-3867
https://notcve.org/view.php?id=CVE-2019-3867
18 Mar 2021 — A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue. • https://bugzilla.redhat.com/show_bug.cgi?id=1772704 • CWE-613: Insufficient Session Expiration •

CVE-2020-27831 – quay: email notifications authorization bypass
https://notcve.org/view.php?id=CVE-2020-27831
11 Jan 2021 — A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications. • https://bugzilla.redhat.com/show_bug.cgi?id=1905758 • CWE-284: Improper Access Control CWE-522: Insufficiently Protected Credentials •

CVE-2020-27832 – quay: persistent XSS in repository notification display
https://notcve.org/view.php?id=CVE-2020-27832
11 Jan 2021 — A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1905784 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •