SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2024:2031-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2031-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated...

SUSE-SU-2024:1987-1 Security update for skopeo

This update for skopeo fixes the following issues: - Update to version 1.14.4: - CVE-2024-3727: Fixed a vulnerability that allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, resource exhaustion, local path traversal and other attacks. bsc1224123...

Fedora 39 : buildah (2024-c56e6ff1b5)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c56e6ff1b5 advisory. Security fix for CVE-2024-3727 Automatic update for buildah-1.35.4-1.fc39. Changelog for buildah Fri May 10 2024 Packit - 1.35.4-1 - Update to 1.35.4 upstrea...

Fedora 40 : podman (2024-20393c122f)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-20393c122f advisory. Security fix for CVE-2024-3727 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVE-2024-3727 Containers/image: digest type does not guarantee valid type

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...