A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
History

Thu, 03 Oct 2024 13:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift_ironic:4.14::el9
References

Wed, 02 Oct 2024 11:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift_ironic:4.15::el9
References

Tue, 01 Oct 2024 23:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.17::el9
References

Thu, 26 Sep 2024 05:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhmt cpe:/a:redhat:rhmt:1.8::el8
References

Tue, 24 Sep 2024 23:15:00 +0000

Type Values Removed Values Added
References

Wed, 18 Sep 2024 08:30:00 +0000


Mon, 16 Sep 2024 22:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:advanced_cluster_security:4.5::el8
References

Thu, 29 Aug 2024 22:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:advanced_cluster_security:4 cpe:/a:redhat:advanced_cluster_security:4.4::el8
References

Thu, 29 Aug 2024 19:00:00 +0000

Type Values Removed Values Added
References

Wed, 28 Aug 2024 23:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:container_native_virtualization:4.15::el9

Tue, 13 Aug 2024 23:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:8

Tue, 13 Aug 2024 16:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:8::appstream
References

Wed, 07 Aug 2024 16:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.14::el8
cpe:/a:redhat:openshift:4.14::el9
References

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-05-09T14:57:21.327Z

Updated: 2024-10-07T13:29:11.139Z

Reserved: 2024-04-12T17:56:37.261Z

Link: CVE-2024-3727

cve-icon Vulnrichment

Updated: 2024-08-01T20:20:01.029Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-14T15:42:07.060

Modified: 2024-10-03T13:15:14.953

Link: CVE-2024-3727

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-05-09T00:00:00Z

Links: CVE-2024-3727 - Bugzilla