Red Hat Quay 2.1.0

CPE Details

Red Hat Quay 2.1.0
2.1.0
2021-06-04
13h32 +00:00
2021-06-04
13h35 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:quay:2.1.0:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

quay

Version

2.1.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-14313 2020-08-11 11h42 +00:00 An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can create a build trigger in a repository, to disclose the names of robot accounts and the existence of private repositories within any namespace.
4.3
Medium
CVE-2019-3864 2020-01-21 14h44 +00:00 A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account.
8.8
High