Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:5951
HistoryAug 28, 2024 - 4:19 p.m.

(RHSA-2024:5951) Low: OpenShift Virtualization 4.15.5 Images

2024-08-2816:19:22
access.redhat.com
13
red hat
openshift virtualization
4.15.5 images
security fix
containers/image
cve-2024-3727

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

OpenShift Virtualization is Red Hat’s virtualization solution designed for Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.15.5 images.

Security Fix(es):

  • containers/image: digest type does not guarantee valid type
    (CVE-2024-3727)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Related

nessus 69
redhat 23
openvas 22
almalinux 7
ubuntucve 5
amazon 2
redos 1
mageia 1
osv 19
oraclelinux 7
ibm 3
ubuntu 5
photon 3
rocky 1
cve 3
cvelist 5
redhatcve 5
debiancve 5
alpinelinux 2
cbl_mariner 3
nvd 5
vulnrichment 2
veracode 1
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:5365)
2024-08-14 00:00:00
RHEL 9 : kernel (RHSA-2024:5364)
2024-08-14 00:00:00
RHEL 9 : krb5 (RHSA-2024:5643)
2024-08-20 00:00:00
redhat
redhat
(RHSA-2024:5365) Important: kernel-rt security update
2024-08-14 00:04:44
(RHSA-2024:5364) Important: kernel security update
2024-08-14 00:04:17
(RHSA-2024:5433) Important: OpenShift Container Platform 4.14.35 security update
2024-08-22 11:36:51
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2305-1)
2024-07-08 00:00:00
Debian: Security Advisory (DSA-5726-1)
2024-07-08 00:00:00
openSUSE: Security Advisory for krb5 (SUSE-SU-2024:2307-1)
2024-07-10 00:00:00
almalinux
almalinux
Moderate: krb5 security update
2024-08-13 00:00:00
Moderate: krb5 security update
2024-09-03 00:00:00
Moderate: fence-agents security update
2024-09-04 00:00:00
ubuntucve
ubuntucve
CVE-2024-37371
2024-06-28 00:00:00
CVE-2023-52771
2024-05-21 00:00:00
CVE-2024-38556
2024-06-19 00:00:00
amazon
amazon
Medium: krb5
2024-07-18 02:00:00
Important: bind
2024-08-01 03:01:00
redos
redos
ROS-20240911-04
2024-09-11 00:00:00
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2024-07-03 19:36:28
osv
osv
Moderate: krb5 security update
2024-08-13 00:00:00
krb5 vulnerabilities
2024-08-08 02:20:23
krb5 - security update
2024-07-05 00:00:00
oraclelinux
oraclelinux
krb5 security update
2024-09-03 00:00:00
krb5 security update
2024-08-13 00:00:00
resource-agents security update
2024-09-05 00:00:00
ibm
ibm
Security Bulletin: IBM DataPower Gateway vulnerable to data truncation and DoS in Kerberos (CVE-2024-37370 & CVE-2024-37371)
2024-09-03 14:18:56
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to denial of service, privilege escalation and kerberos 5
2024-09-06 09:28:18
Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 24.0.0-IF001
2024-08-08 17:11:19
ubuntu
ubuntu
Kerberos vulnerabilities
2024-08-08 00:00:00
Bind vulnerabilities
2024-08-01 00:00:00
Bind vulnerabilities
2024-08-15 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2024-4.0-0679
2024-09-02 00:00:00
Critical Photon OS Security Update - PHSA-2024-3.0-0791
2024-09-04 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0355
2024-08-26 00:00:00
rocky
rocky
bind and bind-dyndb-ldap security update
2024-08-21 14:53:26
cve
cve
CVE-2023-52651
2024-05-01 13:15:48
CVE-2023-52771
2024-05-21 16:15:16
CVE-2024-36922
2024-05-30 16:15:15
cvelist
cvelist
CVE-2023-52771 cxl/port: Fix delete_endpoint() vs parent unregistration race
2024-05-21 15:30:53
CVE-2023-52651
2024-05-01 12:53:15
CVE-2024-38556 net/mlx5: Add a timeout to acquire the command queue semaphore
2024-06-19 13:35:26
redhatcve
redhatcve
CVE-2023-52771
2024-05-23 11:09:31
CVE-2023-52651
2024-05-01 21:55:49
CVE-2024-35907
2024-05-20 11:14:20
debiancve
debiancve
CVE-2021-47383
2024-05-21 15:15:23
CVE-2023-52771
2024-05-21 16:15:16
CVE-2024-36922
2024-05-30 16:15:15
alpinelinux
alpinelinux
CVE-2024-37371
2024-06-28 23:15:11
CVE-2024-37370
2024-06-28 22:15:02
cbl_mariner
cbl_mariner
CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1
2024-08-05 03:22:58
CVE-2024-37370 affecting package krb5 for versions less than 1.21.3-1
2024-08-05 03:22:58
CVE-2024-38428 affecting package wget for versions less than 1.21.2-3
2024-06-28 17:07:09
nvd
nvd
CVE-2023-52771
2024-05-21 16:15:16
CVE-2024-38556
2024-06-19 14:15:15
CVE-2023-52651
2024-05-01 13:15:48
vulnrichment
vulnrichment
CVE-2023-52771 cxl/port: Fix delete_endpoint() vs parent unregistration race
2024-05-21 15:30:53
CVE-2024-36922 wifi: iwlwifi: read txq->read_ptr under lock
2024-05-30 15:29:16
veracode
veracode
Plaintext Modification
2024-07-01 11:00:24

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON
Related for RHSA-2024:5951
nessus69redhat23openvas22almalinux7ubuntucve5amazon2redos1mageia1osv19oraclelinux7ibm3ubuntu5photon3rocky1cve3cvelist5redhatcve5debiancve5alpinelinux2cbl_mariner3nvd5vulnrichment2veracode1