CVE-2019-3867
published 2021-03-18CVE-2019-3867: A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could…
medium4.1CVSS 3.1
AVPACLPRNUIRSUCLILAL
A vulnerability was found in the Quay web application. Sessions in the Quay web application never expire. An attacker, able to gain access to a session, could use it to control or delete a user's container repository. Red Hat Quay 2 and 3 are vulnerable to this issue.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | quay | — | — |
| redhat | quay | — | — |
| redhat | quay | — | — |