Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 26 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-6848 Quay: red hat quay: authentication bypass allows privileged actions without valid credentials Red HatRed Hat Quay 3 Medium 5.4 2026-04-22 09:06:20 Deep Dive
CVE-2026-32591 Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration Red Hatmirror registry for Red Hat OpenShift Medium 5.2 2026-04-08 17:06:58 Deep Dive
CVE-2026-32590 Mirror-registry: remote code execution using pickle deserialization Red Hatmirror registry for Red Hat OpenShift High 7.1 2026-04-08 17:04:23 Deep Dive
CVE-2026-32589 Mirror-registry: quay: insecure direct object reference in blobupload Red Hatmirror registry for Red Hat OpenShift High 7.1 2026-04-08 17:04:20 Deep Dive
CVE-2026-2377 Mirror-registry: quay: quay: server-side request forgery via log export functionality Red Hatmirror registry for Red Hat OpenShift Medium 6.5 2026-04-08 16:26:08 Deep Dive
CVE-2026-2376 Mirror-registry: quay: quay: server-side request forgery via open redirect vulnerability in web interface Red Hatmirror registry for Red Hat OpenShift Medium 4.9 2026-03-12 19:11:17 Deep Dive
CVE-2025-4374 Quay: incorrect privilege assignment Project Quayquay Medium 6.5 2025-05-06 14:49:29 Deep Dive
CVE-2024-11831 Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript -- Medium 5.4 2025-02-10 15:27:47 Deep Dive
CVE-2024-9683 Quay: quay allows successful authentication with trucated version of the password -- Medium 4.8 2024-10-17 14:08:57 Deep Dive
CVE-2024-9676 Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos) -- Medium 6.5 2024-10-15 15:27:34 Deep Dive
CVE-2024-9675 Buildah: buildah allows arbitrary directory mount -- High 7.8 2024-10-09 14:32:12 Deep Dive
CVE-2024-5891 Quay: unauthorized user may authenticate via oauth application token Red HatRed Hat Quay 3 Medium 4.2 2024-06-12 13:16:54 Deep Dive
CVE-2024-3727 Containers/image: digest type does not guarantee valid type -- High 8.3 2024-05-09 14:57:21 Deep Dive
CVE-2023-4956 Quay: clickjacking on config-editor page severity Red HatRed Hat Quay 3 Medium 6.5 2023-11-07 19:12:01 Deep Dive
CVE-2023-4959 Quay: cross-site request forgery (csrf) on config-editor page Red HatRed Hat Quay 3 Medium 6.5 2023-09-15 09:51:27 Deep Dive
CVE-2023-3384 Quay: stored cross site scripting Red HatRed Hat Quay 3 Medium 5.4 2023-07-24 15:19:21 Deep Dive
CVE-2023-30520 Jenkins Plugin Quay.io trigger 跨站脚本漏洞 Jenkins ProjectJenkins Quay.io trigger Plugin 中危 -2023-04-12 17:05:11 Deep Dive
CVE-2023-30519 Jenkins Plugin Quay.io trigger 安全漏洞 Jenkins ProjectJenkins Quay.io trigger Plugin 中危 -2023-04-12 17:05:10 Deep Dive
CVE-2021-3762 Clair 路径遍历漏洞 -quay/claircore 超危 -2022-03-03 21:41:19 Deep Dive
CVE-2020-27832 Red Hat Quay 跨站脚本漏洞 -quay 超危 -2021-05-27 13:50:39 Deep Dive