Vulnerabilities > Redhat > Quay

DATE CVE VULNERABILITY TITLE RISK
2024-10-17 CVE-2024-9683 Improper Authentication vulnerability in Redhat Quay 3.0.0
A vulnerability was found in Quay, which allows successful authentication even when a truncated password version is provided.
network
low complexity
redhat CWE-287
5.3
2024-06-12 CVE-2024-5891 Unspecified vulnerability in Redhat Quay 3.0.0
A vulnerability was found in Quay.
network
high complexity
redhat
4.2
2023-11-07 CVE-2023-4956 Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Quay 3.0.0
A flaw was found in Quay.
network
low complexity
redhat CWE-1021
4.3
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-09-15 CVE-2023-4959 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0
A flaw was found in Quay.
network
low complexity
redhat CWE-352
6.5
2023-07-24 CVE-2023-3384 Cross-site Scripting vulnerability in Redhat Quay 3.0.0
A flaw was found in the Quay registry.
network
low complexity
redhat CWE-79
5.4
2022-09-09 CVE-2020-10735 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in python.
network
low complexity
python redhat fedoraproject CWE-704
7.5
2022-09-01 CVE-2022-2447 Operation on a Resource after Expiration or Release vulnerability in multiple products
A flaw was found in Keystone.
network
high complexity
openstack redhat CWE-672
6.6
2022-04-29 CVE-2022-1227 Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman.
8.8
2022-03-03 CVE-2021-3762 Path Traversal vulnerability in Redhat Clair and Quay
A directory traversal vulnerability was found in the ClairCore engine of Clair.
network
low complexity
redhat CWE-22
critical
9.8