QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-3727

Back to search

CVE-2024-3727

Published: May 9, 2024

Modified: Jun 2, 2026

PUBLISHED

CVSS v3.1

8.3

HIGH

Description

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

VendorProductVersions

Unknown

image

affected
0 - < 5.29.3
affected
5.30.0 - < 5.30.1

Red Hat

OADP-1.3-RHEL-9

unaffected
1.3.4-9 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-4 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-3 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-3 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-3 - < *

Red Hat

Red Hat Advanced Cluster Security 4.4

unaffected
4.4.5-3 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-1 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Advanced Cluster Security 4.5

unaffected
4.5.2-2 - < *

Red Hat

Red Hat Enterprise Linux 8

unaffected
8100020240808093819.afee755d - < *

Red Hat

Red Hat Enterprise Linux 9

unaffected
2:1.37.2-1.el9 - < *

Red Hat

Red Hat Enterprise Linux 9

unaffected
2:1.16.1-1.el9 - < *

Red Hat

Red Hat Enterprise Linux 9

unaffected
2:5.2.2-1.el9 - < *

Red Hat

Red Hat Migration Toolkit for Containers 1.8

unaffected
v1.8.4-22 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
3:4.4.1-13.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
2:1.11.3-3.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.14

unaffected
v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.14

unaffected
3:4.4.1-19.rhaos4.14.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.14

unaffected
2:1.11.3-3.rhaos4.14.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
415.92.202409162258-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
3:4.4.1-30.rhaos4.15.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
2:1.11.3-4.rhaos4.15.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202410230304.p0.g366295f.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
4:4.9.4-5.1.rhaos4.16.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
2:1.14.4-1.rhaos4.16.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
0:1.29.5-7.rhaos4.16.git7db4ada.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
v4.16.0-202407171536.p0.g1551101.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
v4.16.0-202409231504.p0.g342902b.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.17

unaffected
v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.17

unaffected
v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.17

unaffected
v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.17

unaffected
v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.17

unaffected
v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9 - < *

Red Hat

RHEL-9-CNV-4.15

unaffected
v4.15.5-7 - < *

Red Hat

Multicluster Engine for Kubernetes

All versions

Red Hat

Multicluster Engine for Kubernetes

All versions

Red Hat

Multicluster Engine for Kubernetes

All versions

Red Hat

Multicluster Engine for Kubernetes

All versions

Red Hat

Multicluster Engine for Kubernetes

All versions

Red Hat

OpenShift Developer Tools and Services

All versions

Red Hat

OpenShift Developer Tools and Services

All versions

Red Hat

OpenShift Serverless

All versions

Red Hat

OpenShift Serverless

All versions

Red Hat

OpenShift Source-to-Image (S2I)

All versions

Red Hat

Red Hat Advanced Cluster Management for Kubernetes 2

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Advanced Cluster Security 3

All versions

Red Hat

Red Hat Ansible Automation Platform 1.2

All versions

Red Hat

Red Hat Ansible Automation Platform 2

All versions

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 7

All versions

Red Hat

Red Hat Enterprise Linux 7

All versions

Red Hat

Red Hat Enterprise Linux 7

All versions

Red Hat

Red Hat Enterprise Linux 8

All versions

Red Hat

Red Hat Enterprise Linux 8

All versions

Red Hat

Red Hat Enterprise Linux 8

All versions

Red Hat

Red Hat Enterprise Linux 8

All versions

Red Hat

Red Hat Enterprise Linux 8

All versions

Red Hat

Red Hat Enterprise Linux 8

All versions

Red Hat

Red Hat Enterprise Linux 9

All versions

Red Hat

Red Hat Enterprise Linux 9

All versions

Red Hat

Red Hat Enterprise Linux 9

All versions

Red Hat

Red Hat OpenShift Container Platform 3.11

All versions

Red Hat

Red Hat OpenShift Container Platform 3.11

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Red Hat

Red Hat OpenShift Container Platform Assisted Installer 1

All versions

Red Hat

Red Hat OpenShift Container Platform Assisted Installer 1

All versions

Red Hat

Red Hat OpenShift Container Platform Assisted Installer 1

All versions

Red Hat

Red Hat OpenShift Dev Spaces

All versions

Red Hat

Red Hat Openshift Sandboxed Containers

All versions

Red Hat

Red Hat Openshift Sandboxed Containers

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenShift Virtualization 4

All versions

Red Hat

Red Hat OpenStack Platform 16.2

All versions

Red Hat

Red Hat Quay 3

All versions

Weaknesses (CWE)

CWE-354

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

References

RHSA-2024:0045
vendor-advisory
x_refsource_REDHAT
RHSA-2024:3718
vendor-advisory
x_refsource_REDHAT
RHSA-2024:4159
vendor-advisory
x_refsource_REDHAT
RHSA-2024:4613
vendor-advisory
x_refsource_REDHAT
RHSA-2024:4850
vendor-advisory
x_refsource_REDHAT
RHSA-2024:4960
vendor-advisory
x_refsource_REDHAT
RHSA-2024:5258
vendor-advisory
x_refsource_REDHAT
RHSA-2024:5951
vendor-advisory
x_refsource_REDHAT
RHSA-2024:6054
vendor-advisory
x_refsource_REDHAT
RHSA-2024:6122
vendor-advisory
x_refsource_REDHAT
RHSA-2024:6708
vendor-advisory
x_refsource_REDHAT
RHSA-2024:6818
vendor-advisory
x_refsource_REDHAT
RHSA-2024:6824
vendor-advisory
x_refsource_REDHAT
RHSA-2024:7164
vendor-advisory
x_refsource_REDHAT
RHSA-2024:7174
vendor-advisory
x_refsource_REDHAT
RHSA-2024:7182
vendor-advisory
x_refsource_REDHAT
RHSA-2024:7187
vendor-advisory
x_refsource_REDHAT
RHSA-2024:7922
vendor-advisory
x_refsource_REDHAT
RHSA-2024:7941
vendor-advisory
x_refsource_REDHAT
RHSA-2024:8260
vendor-advisory
x_refsource_REDHAT
RHSA-2024:8425
vendor-advisory
x_refsource_REDHAT
RHSA-2024:9097
vendor-advisory
x_refsource_REDHAT
RHSA-2024:9098
vendor-advisory
x_refsource_REDHAT
RHSA-2024:9102
vendor-advisory
x_refsource_REDHAT
RHSA-2024:9960
vendor-advisory
x_refsource_REDHAT
RHBZ#2274767
issue-tracking
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now