Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-27832

EPSS 0.45% · P64
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-27832

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when displaying a repository's notification. This flaw allows an attacker to trick a user into performing a malicious action to impersonate the target user. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat Quay 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat Quay是美国红帽(Red Hat)公司的一款分布式容器镜像仓库,它主要用于构建、分布和部署容器。 quay 3.3.3之前版本存在跨站脚本漏洞,该漏洞源于存储库通知显示中的持久性XSS。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-quay quay 3.3.2 -

II. Public POCs for CVE-2020-27832

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-27832

登录查看更多情报信息。

Same Patch Batch · n/a · 2021-05-27 · 74 CVEs total

CVE-2020-22025FFmpeg 缓冲区错误漏洞
CVE-2020-14329Red Hat Ansible 信息泄露漏洞
CVE-2020-10688Red Hat Resteasy 跨站脚本漏洞
CVE-2020-22033FFmpeg 缓冲区错误漏洞
CVE-2020-22032FFmpeg 缓冲区错误漏洞
CVE-2020-22016FFmpeg 缓冲区错误漏洞
CVE-2020-22017FFmpeg 缓冲区错误漏洞
CVE-2021-33394Devellion Cubecart 授权问题漏洞
CVE-2020-22022FFmpeg 缓冲区错误漏洞
CVE-2020-22023FFmpeg 缓冲区错误漏洞
CVE-2020-10697Red Hat Ansible 安全漏洞
CVE-2020-22027FFmpeg 缓冲区错误漏洞
CVE-2020-22030FFmpeg 缓冲区错误漏洞
CVE-2020-22029FFmpeg 缓冲区错误漏洞
CVE-2020-22031FFmpeg 缓冲区错误漏洞
CVE-2021-27490Siemens Solid Edge 缓冲区错误漏洞
CVE-2021-27492Siemens Solid Edge 代码问题漏洞
CVE-2021-27488Siemens Solid Edge 缓冲区错误漏洞
CVE-2021-27496Siemens Solid Edge 安全漏洞
CVE-2021-27494Siemens Solid Edge 安全漏洞

Showing top 20 of 74 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: quay
Same vendor: n/a
Same weakness: CWE-79

V. Comments for CVE-2020-27832

No comments yet

Leave a comment