AZL-45243 CVE-2024-3727 affecting package cri-o 1.30.1-1

🗓️ 14 May 2024 15:42:07Reported by GoogleType

osv🔗 osv.dev👁 1 Views

AZL-45243 and CVE-2024-3727 affect cri-o 1.30.1-1; flaw enables authenticated registry access by a victim, causing resource exhaustion and path traversal.

Reporter	Title	Published	Views	Family All 303
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Go affect IBM Robotic Process Automation for Cloud Pak	4 Feb 202520:53	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0164: container-tools:rhel8 (ALINUX3-SA-2024:0164)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:5258)	14 Aug 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: containerized-data-importer / cri-o / ig / libcontainers-common / skopeo (CVE-2024-3727)	10 Feb 202500:00	–	nessus
Tenable Nessus	Fedora 39 : prometheus-podman-exporter (2024-1bae1999ba)	11 Jun 202400:00	–	nessus
Tenable Nessus	Fedora 40 : podman (2024-20393c122f)	17 May 202400:00	–	nessus
Tenable Nessus	Fedora 40 : prometheus-podman-exporter (2024-2f8a62d6d6)	11 Jun 202400:00	–	nessus
Tenable Nessus	Fedora 40 : apptainer (2024-500c653b4c)	5 Jun 202400:00	–	nessus
Tenable Nessus	Fedora 40 : buildah (2024-77a0ab280f)	28 May 202400:00	–	nessus
Tenable Nessus	Fedora 39 : buildah (2024-c56e6ff1b5)	19 May 202400:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-3727

21 Apr 2026 04:32Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.18.3

EPSS0.00663

SSVC