Vulnerabilities > Redhat > Quay > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-12 | CVE-2024-5891 | Unspecified vulnerability in Redhat Quay 3.0.0 A vulnerability was found in Quay. | 4.2 |
| 2023-11-07 | CVE-2023-4956 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Quay 3.0.0 A flaw was found in Quay. | 4.3 |
| 2023-09-15 | CVE-2023-4959 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0 A flaw was found in Quay. | 6.5 |
| 2023-07-24 | CVE-2023-3384 | Cross-site Scripting vulnerability in Redhat Quay 3.0.0 A flaw was found in the Quay registry. | 5.4 |
| 2022-09-01 | CVE-2022-2447 | Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. | 6.6 |
| 2021-05-27 | CVE-2020-27832 | Cross-site Scripting vulnerability in Redhat Quay A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. | 6.0 |
| 2021-05-27 | CVE-2020-27831 | Insufficiently Protected Credentials vulnerability in Redhat Quay A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. | 4.3 |
| 2021-03-18 | CVE-2019-3867 | Insufficient Session Expiration vulnerability in Redhat Quay 2.0.0/3.0.0 A vulnerability was found in the Quay web application. | 4.4 |
| 2020-08-11 | CVE-2020-14313 | Information Exposure vulnerability in Redhat Quay An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. | 4.0 |
| 2020-06-22 | CVE-2019-3865 | Cross-site Scripting vulnerability in Redhat Quay 2.0.0 A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. | 6.1 |