Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

OADP-1.3-RHEL-9

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
0Vulnerabilities found
CVE-2024-3727
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-8.3||HIGH
EPSS-0.38% / 58.73%
||
7 Day CHG~0.00%
Published-09 May, 2024 | 14:57
Updated-23 Jul, 2025 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Containers/image: digest type does not guarantee valid type

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

Action-Not Available
Vendor-Red Hat, Inc.
Product-RHEL-9-CNV-4.15Red Hat OpenShift Container Platform Assisted Installer 1Red Hat OpenShift Container Platform 4.14Red Hat Migration Toolkit for Containers 1.8Red Hat Advanced Cluster Security 4.4OpenShift Developer Tools and ServicesRed Hat OpenShift Container Platform 3.11Red Hat Enterprise Linux 7Red Hat Openshift Sandboxed ContainersRed Hat OpenShift Dev SpacesRed Hat OpenStack Platform 16.2Red Hat Ansible Automation Platform 2Red Hat OpenShift Container Platform 4.13Red Hat Advanced Cluster Management for Kubernetes 2Red Hat Advanced Cluster Security 3Red Hat OpenShift Container Platform 4.15Red Hat OpenShift Container Platform 4.18OADP-1.3-RHEL-9Red Hat OpenShift Container Platform 4.17OpenShift Source-to-Image (S2I)Red Hat OpenShift Container Platform 4.16Red Hat Enterprise Linux 10Red Hat Ansible Automation Platform 1.2OpenShift ServerlessRed Hat OpenShift Container Platform 4Red Hat OpenShift Virtualization 4Red Hat Quay 3Red Hat Enterprise Linux 8Red Hat Advanced Cluster Security 4.5Multicluster Engine for KubernetesRed Hat Enterprise Linux 9
CWE ID-CWE-354
Improper Validation of Integrity Check Value