PT-2020-13969 · Red Hat · Red Hat Quay

Dave Baker

Published

2020-08-11

Updated

2021-07-21

CVE-2020-14313

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Quay versions prior to 3.3.1

Description An information disclosure issue was found in Red Hat Quay. This flaw allows an attacker who can create a build trigger in a repository to disclose the names of robot accounts and the existence of private repositories within any namespace.

Recommendations For versions prior to 3.3.1, update to version 3.3.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-14313

Affected Products

Red Hat Quay

PT-2020-13969 · Red Hat · Red Hat Quay

CVE-2020-14313

Related Identifiers

Affected Products

References · 4