PT-2024-5219 · Unknown+8 · Github.Com/Containers/Image+8

Pedro Sampaio

·

Published

2024-05-09

·

Updated

2026-06-10

·

CVE-2024-3727

CVSS v3.1

8.3

High

VectorAV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: github.com/containers/image (affected versions not specified)
Description: A flaw was found in the github.com/containers/image library, related to incorrect integrity value checking. This issue allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

CWE-354

Related Identifiers

ALSA-2024:5258
ALSA-2024:9097
ALSA-2024:9098
ALT-PU-2024-16988
ALT-PU-2024-17358
ALT-PU-2024-7921
ALT-PU-2024-7923
ALT-PU-2025-10794
AZL-42315
AZL-42318
AZL-42319
AZL-42327
AZL-42330
AZL-42331
AZL-42340
AZL-42343
AZL-43492
AZL-43510
AZL-44565
AZL-44970
AZL-45243
BDU:2024-05780
CESA-2024_5258
CVE-2024-3727
GHSA-6WVF-F2VW-3425
GO-2024-2842
INFSA-2024_5258
INFSA-2024_9097
INFSA-2024_9098
INFSA-2024_9102
MGASA-2024-0343
OESA-2025-2233
OPENSUSE-SU-2024:0244-1
OPENSUSE-SU-2024:13951-1
OPENSUSE-SU-2024:13952-1
OPENSUSE-SU-2024:13960-1
OPENSUSE-SU-2024:13963-1
OPENSUSE-SU-2024:13975-1
OPENSUSE-SU-2024:14019-1
OPENSUSE-SU-2024:14059-1
OPENSUSE-SU-2024_1838-1
OPENSUSE-SU-2024_2031-1
OPENSUSE-SU-2024_2050-1
OPENSUSE-SU-2024_2090-1
OPENSUSE-SU-2024_3120-1
OPENSUSE-SU-2024_3151-1
OPENSUSE-SU-2024_3186-1
OPENSUSE-SU-2025:14728-1
OPENSUSE-SU-2025_0313-1
OPENSUSE-SU-2025_0429-1
RHSA-2024:0045
RHSA-2024:4159
RHSA-2024:5258
RHSA-2024:7182
RHSA-2024:7187
RHSA-2024:7941
RHSA-2024:9097
RHSA-2024:9098
RHSA-2024:9102
RHSA-2024_5258
RHSA-2024_9097
RHSA-2024_9098
RHSA-2024_9102
RLSA-2024:5258
RLSA-2024:9102
SUSE-SU-2024:1838-1
SUSE-SU-2024:1987-1
SUSE-SU-2024:1987-2
SUSE-SU-2024:1988-1
SUSE-SU-2024:1989-1
SUSE-SU-2024:2031-1
SUSE-SU-2024:2050-1
SUSE-SU-2024:2050-2
SUSE-SU-2024:2090-1
SUSE-SU-2024:2383-1
SUSE-SU-2024:2548-1
SUSE-SU-2024:3120-1
SUSE-SU-2024:3151-1
SUSE-SU-2024:3186-1
SUSE-SU-2024_1838-1
SUSE-SU-2024_1988-1
SUSE-SU-2024_1989-1
SUSE-SU-2024_2383-1
SUSE-SU-2024_2548-1
SUSE-SU-2025:0313-1
SUSE-SU-2025:0429-1
SUSE-SU-2025:20013-1
SUSE-SU-2025:20019-1
SUSE-SU-2025:20055-1
SUSE-SU-2025:20279-1

Affected Products

Alt Linux
Almalinux
Centos
Debian
Red Hat
Red Os
Rocky Linux
Suse
Github.Com/Containers/Image