{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-05T07:04:39.119","vulnerabilities":[{"cve":{"id":"CVE-2024-3624","sourceIdentifier":"secalert@redhat.com","published":"2024-04-25T18:15:10.170","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database."},{"lang":"es","value":"Se encontró una falla en cómo se almacena la base de datos de Quay en texto plano en el registro espejo en el archivo config.yaml de jinja. Esta falla permite que un actor malintencionado con acceso a este archivo obtenga acceso a la base de datos de Quay."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-256"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2024-3624","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274407","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-3624","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274407","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}