Filtered by vendor Redhat Subscriptions
Filtered by product Quay Subscriptions
Total 83 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-9511 12 Apache, Apple, Canonical and 9 more 29 Traffic Server, Mac Os X, Swiftnio and 26 more 2024-08-04 7.5 High
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-3864 1 Redhat 1 Quay 2024-08-04 8.8 High
A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account.
CVE-2019-3867 1 Redhat 1 Quay 2024-08-04 4.1 Medium
A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue.
CVE-2019-3865 1 Redhat 1 Quay 2024-08-04 6.1 Medium
A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name field of service key to inject scripts and make it run when admin users try to change the name.
CVE-2019-3866 1 Redhat 3 Openstack, Openstack-mistral, Quay 2024-08-04 5.5 Medium
An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information.
CVE-2020-35653 4 Debian, Fedoraproject, Python and 1 more 5 Debian Linux, Fedora, Pillow and 2 more 2024-08-04 7.1 High
In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.
CVE-2020-35654 3 Fedoraproject, Python, Redhat 3 Fedora, Pillow, Quay 2024-08-04 8.8 High
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
CVE-2020-27831 1 Redhat 1 Quay 2024-08-04 4.3 Medium
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.
CVE-2020-27832 1 Redhat 1 Quay 2024-08-04 9.0 Critical
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-26291 2 Redhat, Uri.js Project 2 Quay, Uri.js 2024-08-04 6.5 Medium
URI.js is a javascript URL mutation library (npm package urijs). In URI.js before version 1.19.4, the hostname can be spoofed by using a backslash (`\`) character followed by an at (`@`) character. If the hostname is used in security decisions, the decision may be incorrect. Depending on library usage and attacker intent, impacts may include allow/block list bypasses, SSRF attacks, open redirects, or other undesired behavior. For example the URL `https://expected-example.com\@observed-example.com` will incorrectly return `observed-example.com` if using an affected version. Patched versions correctly return `expected-example.com`. Patched versions match the behavior of other parsers which implement the WHATWG URL specification, including web browsers and Node's built-in URL class. Version 1.19.4 is patched against all known payload variants. Version 1.19.3 has a partial patch but is still vulnerable to a payload variant.]
CVE-2020-26237 4 Debian, Highlightjs, Oracle and 1 more 4 Debian Linux, Highlight.js, Mysql Enterprise Monitor and 1 more 2024-08-04 5.8 Medium
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow users to insert custom HTML code blocks into your page/app via parsing Markdown code blocks (or similar) and do not filter the language names the user can provide you may be vulnerable. The pollution should just be harmless data but this can cause problems for applications not expecting these properties to exist and can result in strange behavior or application crashes, i.e. a potential DOS vector. If your website or application does not render user provided data it should be unaffected. Versions 9.18.2 and 10.1.2 and newer include fixes for this vulnerability. If you are using version 7 or 8 you are encouraged to upgrade to a newer release.
CVE-2020-15366 2 Ajv.js, Redhat 6 Ajv, Ansible Automation Platform, Enterprise Linux and 3 more 2024-08-04 5.6 Medium
An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)
CVE-2020-14313 1 Redhat 1 Quay 2024-08-04 4.3 Medium
An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can create a build trigger in a repository, to disclose the names of robot accounts and the existence of private repositories within any namespace.
CVE-2020-14040 3 Fedoraproject, Golang, Redhat 16 Fedora, Text, 3scale Amp and 13 more 2024-08-04 7.5 High
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
CVE-2020-11538 4 Canonical, Fedoraproject, Python and 1 more 7 Ubuntu Linux, Fedora, Pillow and 4 more 2024-08-04 8.1 High
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
CVE-2020-10994 4 Canonical, Fedoraproject, Python and 1 more 4 Ubuntu Linux, Fedora, Pillow and 1 more 2024-08-04 5.5 Medium
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
CVE-2020-10735 3 Fedoraproject, Python, Redhat 7 Fedora, Python, Enterprise Linux and 4 more 2024-08-04 7.5 High
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.
CVE-2020-10379 4 Canonical, Fedoraproject, Python and 1 more 4 Ubuntu Linux, Fedora, Pillow and 1 more 2024-08-04 7.8 High
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
CVE-2020-10378 4 Canonical, Fedoraproject, Python and 1 more 4 Ubuntu Linux, Fedora, Pillow and 1 more 2024-08-04 5.5 Medium
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
CVE-2020-10177 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-08-04 5.5 Medium
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.