2671 matches found
AZL-43510 CVE-2024-3727 affecting package buildah 1.18.0-29
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-45243 CVE-2024-3727 affecting package cri-o 1.30.1-1
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-42315 CVE-2024-3727 affecting package libcontainers-common for versions less than 20240213-2
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-42343 CVE-2024-3727 affecting package libcontainers-common for versions less than 20210626-7
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
DEBIAN-CVE-2024-3727
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-43492 CVE-2024-3727 affecting package podman 4.1.1-26
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-42318 CVE-2024-3727 affecting package containerized-data-importer for versions less than 1.57.0-2
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-42319 CVE-2024-3727 affecting package containerized-data-importer for versions less than 1.55.0-19
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-42327 CVE-2024-3727 affecting package skopeo for versions less than 1.14.4-1
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
CVE-2024-3727
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
UBUNTU-CVE-2024-3727
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
SUSE CVE-2024-3727
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
RHEL 7 : containers_storage (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - containers/storage: DoS via malicious image CVE-2021-20291 Note that Nessus has not tested for this issue but has...
RHEL 8 : containers_image (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 Note that Nessus has not...
RHEL 7 : runc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...
containers-common bug fix and enhancement update
An update is available for containers-common. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The containers-common package contains common configuration files a...
OESA-2024-1550 kubernetes security update
Container cluster management. Security Fixes: A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with t...
RHCOS 4 : OpenShift Container Platform 4.14.24 (RHSA-2024:2672)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2672 advisory. - golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 - buildah: full container escape ...
CVE-2024-3727 Containers/image: digest type does not guarantee valid type
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
CVE-2024-3727
CVE-2024-3727 affects the containers/image library and enables attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, leading to resource exhaustion and local path traversal. Multiple connected advisories (e.g., container-tools updates and package-specific pat...