Moderate: Red Hat Quay v3.3.3 bug fix and security update

Related Vulnerabilities: CVE-2020-27832   CVE-2020-27831   CVE-2018-20843   CVE-2019-5018   CVE-2019-8625   CVE-2019-8710   CVE-2019-8720   CVE-2019-8743   CVE-2019-8764   CVE-2019-8766   CVE-2019-8769   CVE-2019-8771   CVE-2019-8782   CVE-2019-8783   CVE-2019-8808   CVE-2019-8811   CVE-2019-8812   CVE-2019-8813   CVE-2019-8814   CVE-2019-8815   CVE-2019-8816   CVE-2019-8819   CVE-2019-8820   CVE-2019-8823   CVE-2019-8835   CVE-2019-8844   CVE-2019-8846   CVE-2019-13050   CVE-2019-13627   CVE-2019-14889   CVE-2019-15165   CVE-2019-15903   CVE-2019-16168   CVE-2019-16935   CVE-2019-19221   CVE-2019-19906   CVE-2019-19956   CVE-2019-20218   CVE-2019-20387   CVE-2019-20388   CVE-2019-20454   CVE-2019-20807   CVE-2019-20907   CVE-2019-20916   CVE-2020-1730   CVE-2020-1751   CVE-2020-1752   CVE-2020-1971   CVE-2020-3862   CVE-2020-3864   CVE-2020-3865   CVE-2020-3867   CVE-2020-3868   CVE-2020-3885   CVE-2020-3894   CVE-2020-3895   CVE-2020-3897   CVE-2020-3899   CVE-2020-3900   CVE-2020-3901   CVE-2020-3902   CVE-2020-6405   CVE-2020-7595   CVE-2020-8492   CVE-2020-9327   CVE-2020-9802   CVE-2020-9803   CVE-2020-9805   CVE-2020-9806   CVE-2020-9807   CVE-2020-9843   CVE-2020-9850   CVE-2020-9862   CVE-2020-9893   CVE-2020-9894   CVE-2020-9895   CVE-2020-9915   CVE-2020-9925   CVE-2020-10018   CVE-2020-10029   CVE-2020-11793   CVE-2020-13630   CVE-2020-13631   CVE-2020-13632   CVE-2020-14382   CVE-2020-14391   CVE-2020-14422   CVE-2020-15503   CVE-2020-24659

Synopsis

Moderate: Red Hat Quay v3.3.3 bug fix and security update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat Quay v3.3.3 is now available with bug fixes and security updates.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Note: Red Hat Quay v3.3.2 was not released publicly.

Description

This release of Red Hat Quay v3.3.3 includes:

Security Update(s):

  • quay: persistent XSS in repository notification display (CVE-2020-27832)
  • quay: email notifications authorization bypass (CVE-2020-27831)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

  • NVD feed fixed in Clair-v2 (clair-jwt image)

Solution

Download the release images via:

quay.io/redhat/quay:v3.3.3
quay.io/redhat/clair-jwt:v3.3.3
quay.io/redhat/quay-builder:v3.3.3
quay.io/redhat/clair:v3.3.3

Affected Products

  • Red Hat Quay Enterprise 3 x86_64

Fixes

  • BZ - 1905758 - CVE-2020-27831 quay: email notifications authorization bypass
  • BZ - 1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display

CVEs

References