cve-2020-27831
Vulnerability from cvelistv5
Published
2021-05-26 23:46
Modified
2024-08-04 16:25
Summary
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.
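The record states only that the authorization token used when confirming an e-mail address for repository notifications is not properly protected, so that an attacker can subscribe addresses they do not own; it does not publish the mechanism. The block below is an added illustration of that bug class and of a hardened design, written for this page; it is not Quay's code and does not claim to reproduce Quay's actual flaw. The class names, the in-memory store and the sample addresses are constructed. The weak variant issues a random token recorded only against the repository, so a token legitimately mailed to the attacker's own address also confirms any other address; the bound variant signs (repository, address, expiry) with a server-side HMAC key, so the confirming request must name the same address the token was issued for, and the token expires.

```python
"""Ownership-bound confirmation tokens for repository e-mail notifications.

Added illustration of the bug class described in CVE-2020-27831 and of a
hardened alternative. Not Quay's code; WeakNotifier, BoundNotifier, the
in-memory store and the e-mail addresses are constructed for the example.
"""
import hashlib
import hmac
import secrets
import time


class WeakNotifier:
    """Token is a random value recorded per repository only. Whoever holds a
    valid token for the repository can confirm *any* address with it, so a
    user who receives a token for their own address can replay it for one
    they do not own."""

    def __init__(self):
        self.pending = {}        # token -> repo
        self.authorized = set()  # (repo, email)

    def request(self, repo, email):
        token = secrets.token_urlsafe(16)
        self.pending[token] = repo
        return token  # would be mailed to `email`

    def confirm(self, repo, email, token):
        if self.pending.get(token) != repo:
            return False
        self.authorized.add((repo, email))  # email never checked against token
        return True


class BoundNotifier:
    """Token is an HMAC over (repo, email, expiry) under a server key. The
    confirming request must present the same repo and email, so a token
    mailed to one address cannot authorize another, and it expires."""

    TTL = 3600  # seconds a confirmation link stays valid

    def __init__(self, key=None):
        self.key = key or secrets.token_bytes(32)
        self.authorized = set()

    def _sign(self, repo, email, exp):
        # NUL separators keep "a"+"bc" and "ab"+"c" from colliding.
        msg = f"{repo}\x00{email.lower()}\x00{exp}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def request(self, repo, email, now=None):
        exp = int(time.time() if now is None else now) + self.TTL
        return f"{exp}.{self._sign(repo, email, exp)}"  # mailed to `email`

    def confirm(self, repo, email, token, now=None):
        try:
            exp_s, mac = token.split(".", 1)
            exp = int(exp_s)
        except ValueError:
            return False
        if int(time.time() if now is None else now) > exp:
            return False
        # Constant-time comparison against a freshly computed MAC for the
        # (repo, email) the caller is trying to confirm.
        if not hmac.compare_digest(mac, self._sign(repo, email, exp)):
            return False
        self.authorized.add((repo, email.lower()))
        return True


def replay_across_addresses(notifier_cls):
    """Attacker owns attacker@example.test, requests a token for it, then tries
    to confirm victim@example.test with the same token. Returns whether the
    victim address ended up authorized."""
    n = notifier_cls()
    repo = "acme/api"
    tok = n.request(repo, "attacker@example.test")
    n.confirm(repo, "victim@example.test", tok)
    return (repo, "victim@example.test") in n.authorized


if __name__ == "__main__":
    print("weak  -> victim authorized:", replay_across_addresses(WeakNotifier))
    print("bound -> victim authorized:", replay_across_addresses(BoundNotifier))
```

The property worth testing in any such flow is the one `replay_across_addresses` exercises: a token obtained for an address the requester controls must be useless for any other address, in any other repository, and after its lifetime.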
References
| Source | URL | Tags |
|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1905758 | Issue Tracking, Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1905758 | Issue Tracking, Vendor Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:25:43.401Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "quay", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Quay 3.3.3" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-26T23:46:57", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27831", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "quay", "version": { "version_data": [ { "version_value": "Quay 3.3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-284" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-27831", "datePublished": "2021-05-26T23:46:57", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-08-04T16:25:43.401Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "fkie_nvd": { "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:quay:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndExcluding\": \"3.3.3\", \"matchCriteriaId\": \"142C0F31-7442-46BC-9B14-576DF36FD171\"}]}]}]", "descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. 
This flaw allows an attacker to add email addresses they do not own to repository notifications.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 un fallo en Red Hat Quay, donde no protege apropiadamente el token de autorizaci\\u00f3n cuando se autorizan direcciones de correo electr\\u00f3nico para notificaciones de correo electr\\u00f3nico del repositorio.\u0026#xa0;Este fallo permite a un atacante agregar direcciones de correo electr\\u00f3nico que no son de su propiedad a las notificaciones del repositorio\"}]", "id": "CVE-2020-27831", "lastModified": "2024-11-21T05:21:53.813", "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:N/I:P/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", "published": "2021-05-27T00:15:08.290", "references": "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1905758\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": 
\"https://bugzilla.redhat.com/show_bug.cgi?id=1905758\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}]", "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-522\"}]}]" }, "nvd": "{\"cve\":{\"id\":\"CVE-2020-27831\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-05-27T00:15:08.290\",\"lastModified\":\"2024-11-21T05:21:53.813\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo en Red Hat Quay, donde no protege apropiadamente el token de autorizaci\u00f3n cuando se autorizan direcciones de correo electr\u00f3nico para notificaciones de correo electr\u00f3nico del repositorio.\u0026#xa0;Este fallo permite a un atacante agregar direcciones de correo electr\u00f3nico que no son de su propiedad a las notificaciones del 
repositorio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:P/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-522\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:quay:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.3.3\",\"matchCriteriaId\":\"142C0F31-7442-46BC-9B14-576DF36FD171\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1905758\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1905758\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}" } }
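The NVD configuration in the record above marks Red Hat Quay as vulnerable from 3.0.0 inclusive to 3.3.3 exclusive, and the Red Hat advisory ships the fix as image tags of the form v3.3.3-N. Note also that the two scorers disagree: NVD rates the issue 4.3 (Medium, integrity impact Low), while Red Hat's own CSAF entry rates it 2.6 (Low) with an availability-only vector; both appear on this page, so a triage tool should record which source a score came from. The block below is an added example, not part of the record or of any NVD tooling: it copies that one `cpeMatch` entry verbatim and evaluates deployed image tags against it, handling the optional `versionStartIncluding`, `versionStartExcluding`, `versionEndIncluding` and `versionEndExcluding` bounds that NVD configurations use. The image tags it checks are constructed inputs.

```python
"""Evaluate the NVD CPE match range for CVE-2020-27831 against deployed Quay versions.

Added example; not part of the vulnerability record or of Quay. CPE_MATCH is
copied from the record's `configurations` block. The tags checked in main()
are constructed inputs.
"""
import json
import re

# Copied from the NVD configurations block of this record.
CPE_MATCH = json.loads("""
{"vulnerable": true,
 "criteria": "cpe:2.3:a:redhat:quay:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "3.0.0",
 "versionEndExcluding": "3.3.3"}
""")


def parse_version(v):
    """Turn '3.3.3' or 'v3.3.3-1' into a comparable tuple of ints.

    A leading 'v' and a trailing '-<build>' (as in Red Hat image tags such as
    v3.3.3-1) are ignored; only the numeric dotted part is compared."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)(?:-\S+)?", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def in_range(version, match):
    """Apply whichever of the four optional NVD range bounds are present."""
    v = parse_version(version)
    if "versionStartIncluding" in match and v < parse_version(match["versionStartIncluding"]):
        return False
    if "versionStartExcluding" in match and v <= parse_version(match["versionStartExcluding"]):
        return False
    if "versionEndIncluding" in match and v > parse_version(match["versionEndIncluding"]):
        return False
    if "versionEndExcluding" in match and v >= parse_version(match["versionEndExcluding"]):
        return False
    return True


def cpe_product(criteria):
    """(vendor, product) fields of a cpe:2.3 string."""
    parts = criteria.split(":")
    return parts[3], parts[4]


def is_affected(image_tag, match=CPE_MATCH, vendor="redhat", product="quay"):
    """True when `image_tag` (e.g. 'v3.3.1') is a version of the matched product
    that falls inside the vulnerable range."""
    if cpe_product(match["criteria"]) != (vendor, product):
        return False
    return bool(match.get("vulnerable")) and in_range(image_tag, match)


if __name__ == "__main__":
    for tag in ["v3.0.0", "v3.3.1", "v3.3.2", "v3.3.3-1", "v3.4.0", "2.9.5"]:
        print(tag, "affected" if is_affected(tag) else "fixed or out of range")
```

The check deliberately ignores the `-N` build suffix: the advisory fixes the flaw at 3.3.3, and every 3.3.3-N image carries that fix, so a suffix-aware comparison would add nothing here and would misorder tags if treated as a numeric component.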
rhsa-2021_0050
Vulnerability from csaf_redhat
Published
2021-01-11 07:33
Modified
2024-11-13 22:17
Summary
Red Hat Security Advisory: Red Hat Quay v3.3.3 bug fix and security update
Notes
Topic
Red Hat Quay v3.3.3 is now available with bug fixes and security updates.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Note: Red Hat Quay v3.3.2 was not released publicly.
Details
This release of Red Hat Quay v3.3.3 includes:
Security Update(s):
* quay: persistent XSS in repository notification display (CVE-2020-27832)
* quay: email notifications authorization bypass (CVE-2020-27831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* NVD feed fixed in Clair-v2 (clair-jwt image)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Quay v3.3.3 is now available with bug fixes and security updates.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.\n\nNote: Red Hat Quay v3.3.2 was not released publicly.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat Quay v3.3.3 includes:\n\nSecurity Update(s):\n\n* quay: persistent XSS in repository notification display (CVE-2020-27832)\n\n* quay: email notifications authorization bypass (CVE-2020-27831)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nBug Fix(es):\n* NVD feed fixed in Clair-v2 (clair-jwt image)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0050", "url": "https://access.redhat.com/errata/RHSA-2021:0050" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1905758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" }, { "category": "external", "summary": "1905784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905784" }, { "category": "external", "summary": "PROJQUAY-1124", "url": "https://issues.redhat.com/browse/PROJQUAY-1124" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0050.json" } ], "title": "Red Hat Security Advisory: Red Hat Quay v3.3.3 bug fix and security update", "tracking": { "current_release_date": "2024-11-13T22:17:54+00:00", "generator": { "date": "2024-11-13T22:17:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2021:0050", "initial_release_date": "2021-01-11T07:33:18+00:00", "revision_history": [ { "date": "2021-01-11T07:33:18+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-01-11T07:33:18+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T22:17:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": 
"Quay v3", "product": { "name": "Quay v3", "product_id": "8Base-Quay-3", "product_identification_helper": { "cpe": "cpe:/a:redhat:quay:3::el8" } } } ], "category": "product_family", "name": "Red Hat Quay" }, { "branches": [ { "category": "product_version", "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "product": { "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "product_id": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-openshift-bridge-rhel8-operator\u0026tag=v3.3.3-1" } } }, { "category": "product_version", "name": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "product": { "name": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "product_id": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-openshift-bridge-rhel8-operator-metadata\u0026tag=v3.3.2-2" } } }, { "category": "product_version", "name": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "product": { "name": 
"quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "product_id": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-rhel8-operator\u0026tag=v3.3.3-2" } } }, { "category": "product_version", "name": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "product": { "name": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "product_id": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-rhel8-operator-metadata\u0026tag=v3.3.3-4" } } }, { "category": "product_version", "name": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "product": { "name": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "product_id": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=v3.3.3-3" } } }, { "category": 
"product_version", "name": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "product": { "name": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "product_id": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8-operator\u0026tag=v3.3.3-3" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64" }, "product_reference": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64" }, "product_reference": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": 
"quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64" }, "product_reference": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64" }, "product_reference": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64" }, "product_reference": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" }, "product_reference": 
"quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "relates_to_product_reference": "8Base-Quay-3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Chen Cohen" ], "organization": "eBay" } ], "cve": "CVE-2020-27831", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2020-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905758" } ], "notes": [ { "category": "description", "text": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.", "title": "Vulnerability description" }, { "category": "summary", "text": "quay: email notifications authorization bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27831" }, { "category": "external", "summary": "RHBZ#1905758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27831", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27831" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-01-11T07:33:18+00:00", "details": "Download the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3", "product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0050" }, { "category": "workaround", "details": "Disable email using the configuration app.", 
"product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "quay: email notifications authorization bypass" }, { "acknowledgments": [ { "names": [ "Chen Cohen" ], "organization": "eBay" } ], "cve": "CVE-2020-27832", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905784" } ], "notes": [ { "category": "description", "text": "A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository\u0027s notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "quay: persistent XSS in repository notification display", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27832" }, { "category": "external", "summary": "RHBZ#1905784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905784" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27832", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27832" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-01-11T07:33:18+00:00", "details": "Download the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3", "product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "quay: persistent XSS in repository notification display" } ] }
RHSA-2021:0050
Vulnerability from csaf_redhat
Published
2021-01-11 07:33
Modified
2024-11-13 22:17
Summary
Red Hat Security Advisory: Red Hat Quay v3.3.3 bug fix and security update
Notes
Topic
Red Hat Quay v3.3.3 is now available with bug fixes and security updates.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Note: Red Hat Quay v3.3.2 was not released publicly.
Details
This release of Red Hat Quay v3.3.3 includes:
Security Update(s):
* quay: persistent XSS in repository notification display (CVE-2020-27832)
* quay: email notifications authorization bypass (CVE-2020-27831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* NVD feed fixed in Clair-v2 (clair-jwt image)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Quay v3.3.3 is now available with bug fixes and security updates.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.\n\nNote: Red Hat Quay v3.3.2 was not released publicly.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat Quay v3.3.3 includes:\n\nSecurity Update(s):\n\n* quay: persistent XSS in repository notification display (CVE-2020-27832)\n\n* quay: email notifications authorization bypass (CVE-2020-27831)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nBug Fix(es):\n* NVD feed fixed in Clair-v2 (clair-jwt image)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0050", "url": "https://access.redhat.com/errata/RHSA-2021:0050" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1905758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" }, { "category": "external", "summary": "1905784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905784" }, { "category": "external", "summary": "PROJQUAY-1124", "url": "https://issues.redhat.com/browse/PROJQUAY-1124" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0050.json" } ], "title": "Red Hat Security Advisory: Red Hat Quay v3.3.3 bug fix and security update", "tracking": { "current_release_date": "2024-11-13T22:17:54+00:00", "generator": { "date": "2024-11-13T22:17:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2021:0050", "initial_release_date": "2021-01-11T07:33:18+00:00", "revision_history": [ { "date": "2021-01-11T07:33:18+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-01-11T07:33:18+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T22:17:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": 
"Quay v3", "product": { "name": "Quay v3", "product_id": "8Base-Quay-3", "product_identification_helper": { "cpe": "cpe:/a:redhat:quay:3::el8" } } } ], "category": "product_family", "name": "Red Hat Quay" }, { "branches": [ { "category": "product_version", "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "product": { "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "product_id": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-openshift-bridge-rhel8-operator\u0026tag=v3.3.3-1" } } }, { "category": "product_version", "name": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "product": { "name": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "product_id": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-openshift-bridge-rhel8-operator-metadata\u0026tag=v3.3.2-2" } } }, { "category": "product_version", "name": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "product": { "name": 
"quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "product_id": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-rhel8-operator\u0026tag=v3.3.3-2" } } }, { "category": "product_version", "name": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "product": { "name": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "product_id": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-rhel8-operator-metadata\u0026tag=v3.3.3-4" } } }, { "category": "product_version", "name": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "product": { "name": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "product_id": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=v3.3.3-3" } } }, { "category": 
"product_version", "name": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "product": { "name": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "product_id": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8-operator\u0026tag=v3.3.3-3" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64" }, "product_reference": "quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64" }, "product_reference": "quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": 
"quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64" }, "product_reference": "quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64" }, "product_reference": "quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64" }, "product_reference": "quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" }, "product_reference": 
"quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "relates_to_product_reference": "8Base-Quay-3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Chen Cohen" ], "organization": "eBay" } ], "cve": "CVE-2020-27831", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2020-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905758" } ], "notes": [ { "category": "description", "text": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.", "title": "Vulnerability description" }, { "category": "summary", "text": "quay: email notifications authorization bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27831" }, { "category": "external", "summary": "RHBZ#1905758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27831", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27831" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-01-11T07:33:18+00:00", "details": "Download the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3", "product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0050" }, { "category": "workaround", "details": "Disable email using the configuration app.", 
"product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "quay: email notifications authorization bypass" }, { "acknowledgments": [ { "names": [ "Chen Cohen" ], "organization": "eBay" } ], "cve": "CVE-2020-27832", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905784" } ], "notes": [ { "category": "description", "text": "A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository\u0027s notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "quay: persistent XSS in repository notification display", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27832" }, { "category": "external", "summary": "RHBZ#1905784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905784" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27832", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27832" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-01-11T07:33:18+00:00", "details": "Download the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3", "product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "quay: persistent XSS in repository notification display" } ] }
"quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64", "relates_to_product_reference": "8Base-Quay-3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Chen Cohen" ], "organization": "eBay" } ], "cve": "CVE-2020-27831", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2020-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905758" } ], "notes": [ { "category": "description", "text": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.", "title": "Vulnerability description" }, { "category": "summary", "text": "quay: email notifications authorization bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27831" }, { "category": "external", "summary": "RHBZ#1905758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27831", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27831" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-01-11T07:33:18+00:00", "details": "Download the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3", "product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0050" }, { "category": "workaround", "details": "Disable email using the configuration app.", 
"product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "quay: email notifications authorization bypass" }, { "acknowledgments": [ { "names": [ "Chen Cohen" ], "organization": "eBay" } ], "cve": "CVE-2020-27832", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1905784" } ], "notes": [ { "category": "description", "text": "A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository\u0027s notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "quay: persistent XSS in repository notification display", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27832" }, { "category": "external", "summary": "RHBZ#1905784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905784" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27832", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27832" } ], "release_date": "2020-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-01-11T07:33:18+00:00", "details": "Download the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3", "product_ids": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", 
"8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/quay-container-security-rhel8-operator-metadata@sha256:4befaafcec10f6d60d2b3a59479d7b3f88cfce1c80e90a32e54caa0fc86e9b5a_amd64", "8Base-Quay-3:quay/quay-container-security-rhel8-operator@sha256:d775b67203182f3197aa2322ddb36dff835f54e354d19581a4131325aa2143f6_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator-metadata@sha256:95dcb9bc5c5500e0d99faf8b8bfab474f49730d6411ab07c5021ddc18f8116f5_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:4c5bae8fa66392cb05efde2c5f2ce3364a79c31e3176a5465fe3d33af89b39e4_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:b497ea18ad6989fff889124a10ca02de4d435d6ec3cdff3f954be18203cae204_amd64", "8Base-Quay-3:quay/quay-rhel8-operator@sha256:84f200f48320ff0b30afac45c935086d42155a31d9e6c9a219ea4d7de98ab7b4_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "quay: persistent XSS in repository notification display" } ] }
cve-2020-27831
Vulnerability from fkie_nvd
Published
2021-05-27 00:15
Modified
2024-11-21 05:21
Severity ?
Summary
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.
References
Source | URL | Tags
---|---|---
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1905758 | Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1905758 | Issue Tracking, Vendor Advisory
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:quay:*:*:*:*:*:*:*:*", "matchCriteriaId": "142C0F31-7442-46BC-9B14-576DF36FD171", "versionEndExcluding": "3.3.3", "versionStartIncluding": "3.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications." }, { "lang": "es", "value": "Se encontr\u00f3 un fallo en Red Hat Quay, donde no protege apropiadamente el token de autorizaci\u00f3n cuando se autorizan direcciones de correo electr\u00f3nico para notificaciones de correo electr\u00f3nico del repositorio.\u0026#xa0;Este fallo permite a un atacante agregar direcciones de correo electr\u00f3nico que no son de su propiedad a las notificaciones del repositorio" } ], "id": "CVE-2020-27831", "lastModified": "2024-11-21T05:21:53.813", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-05-27T00:15:08.290", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-522" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
gsd-2020-27831
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.
Aliases
{ "GSD": { "alias": "CVE-2020-27831", "description": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.", "id": "GSD-2020-27831", "references": [ "https://access.redhat.com/errata/RHSA-2021:0050" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-27831" ], "details": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.", "id": "GSD-2020-27831", "modified": "2023-12-13T01:22:10.913986Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27831", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "quay", "version": { "version_data": [ { "version_value": "Quay 3.3.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-284" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:quay:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.3.3", "versionStartIncluding": "3.0.0", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27831" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-522" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758", "refsource": "MISC", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4 } }, "lastModifiedDate": "2022-10-21T19:43Z", "publishedDate": "2021-05-27T00:15Z" } } }
ghsa-3mxm-3qx9-6gq2
Vulnerability from github
Published
2022-05-24 19:03
Modified
2022-10-22 12:00
Severity ?
Details
A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.
{ "affected": [], "aliases": [ "CVE-2020-27831" ], "database_specific": { "cwe_ids": [ "CWE-284", "CWE-522" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2021-05-27T00:15:00Z", "severity": "MODERATE" }, "details": "A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. This flaw allows an attacker to add email addresses they do not own to repository notifications.", "id": "GHSA-3mxm-3qx9-6gq2", "modified": "2022-10-22T12:00:29Z", "published": "2022-05-24T19:03:32Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27831" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905758" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "type": "CVSS_V3" } ] }