📦 Quay

by Red Hat

🔍 What is Quay?

Description coming soon...

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2021-3762

CRITICAL CVSS 9.8 Mar 3, 2022

A directory traversal vulnerability in ClairCore allows attackers to write arbitrary files to the filesystem by uploading a malicious container image. This can lead to remote code execution. Organizat...

CVE-2020-27832

CRITICAL CVSS 9.0 May 27, 2021

CVE-2020-27832 is a persistent cross-site scripting (XSS) vulnerability in Red Hat Quay that allows attackers to inject malicious scripts into repository notifications. When exploited, this can trick ...

CVE-2023-44487

HIGH CVSS 7.5 Oct 10, 2023

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

CVE-2022-1227

HIGH CVSS 8.8 Apr 29, 2022

CVE-2022-1227 is a privilege escalation vulnerability in Podman that allows attackers to gain host filesystem access when users run 'podman top' on malicious container images. This affects Podman user...

CVE-2025-4374

MEDIUM CVSS 6.5 May 6, 2025

A privilege escalation vulnerability in Quay container registry allows users or robots to gain administrative permissions on newly created repositories when pulling unmirrored images through an organi...

CVE-2024-5891

MEDIUM CVSS 4.2 Jun 12, 2024

This vulnerability in Quay allows attackers who obtain an application's client ID to use OAuth tokens for authentication, potentially accessing applications they shouldn't have access to. It affects s...