Vulnerabilities > Redhat > Quay

DATE CVE VULNERABILITY TITLE RISK
2024-06-12 CVE-2024-5891 Unspecified vulnerability in Redhat Quay 3.0.0
A vulnerability was found in Quay.
network
high complexity
redhat
4.2
4.2
2023-11-07 CVE-2023-4956 Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Quay 3.0.0
A flaw was found in Quay.
network
low complexity
redhat CWE-1021
4.3
4.3
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
7.5
2023-09-15 CVE-2023-4959 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0
A flaw was found in Quay.
network
low complexity
redhat CWE-352
6.5
6.5
2023-07-24 CVE-2023-3384 Cross-site Scripting vulnerability in Redhat Quay 3.0.0
A flaw was found in the Quay registry.
network
low complexity
redhat CWE-79
5.4
5.4
2022-09-09 CVE-2020-10735 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in python.
network
low complexity
python redhat fedoraproject CWE-704
7.5
7.5
2022-09-01 CVE-2022-2447 Operation on a Resource after Expiration or Release vulnerability in multiple products
A flaw was found in Keystone.
network
high complexity
openstack redhat CWE-672
6.6
6.6
2022-04-29 CVE-2022-1227 Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman. 		8.8
8.8
2022-03-03 CVE-2021-3762 Path Traversal vulnerability in Redhat Clair and Quay
A directory traversal vulnerability was found in the ClairCore engine of Clair.
network
low complexity
redhat CWE-22
critical
 9.8
9.8
2021-05-27 CVE-2020-27832 Cross-site Scripting vulnerability in Redhat Quay
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification.
network
redhat CWE-79
6.0
6.0