Homepage
About Snyk

pubtools-quay@0.8.1 vulnerabilities

Pubtools-quay

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the pubtools-quay package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Improper Access Control

Affected versions of this package are vulnerable to Improper Access Control due to improper validation of OAuth application tokens. An attacker could obtain the client ID for an application. The attacker could use an OAuth token to authenticate despite not having access to the organization from which the application was created.

Note: This issue is limited to authentication and not authorization.

How to fix Improper Access Control?

There is no fixed version for pubtools-quay.

[0,)
  • M
Race Condition

Affected versions of this package are vulnerable to Race Condition via _src_quay_client and self._dest_quay_client parameters.

How to fix Race Condition?

Upgrade pubtools-quay to version 0.11.0 or higher.

[,0.11.0)
Go back to all versions of this package