Msrc Azl3 Containerized-Data-Importer 1.57.0-14 On Azure Linux 3.0 vulnerabilities

CVE-2024-3727 [HIGH] CWE-354 Containers/image: digest type does not guarantee valid type Containers/image: digest type does not guarantee valid type FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2023-2253 [MEDIUM] CWE-770 A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n` causi

CVE-2022-2879 [HIGH] CWE-770 Unbounded memory consumption when reading headers in archive/tar Unbounded memory consumption when reading headers in archive/tar FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libra