Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sylabs singularity vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-32635
Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singularity` action commands (`run`/`shell`/`exec`) specifying a container using a `library://` URI will always attempt to retrieve the container from the default...
Sylabs Singularity 3.7.2
Sylabs Singularity 3.7.3
NA
CVE-2022-23538
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library servic...
Sylabs Singularity Container Services Library 1.3.3
Sylabs Singularity Container Services Library 1.4.0
Sylabs Singularity Container Services Library 1.4.1
Sylabs Singularity Container Services Library 1.3.2
6.8
CVSSv2
CVE-2021-33622
Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO prior to 3.5-8, has an Incorrect Check of a Function's Return Value.
Sylabs Singularity
Sylabs Singularitypro
7.5
CVSSv2
CVE-2021-33027
Sylabs Singularity Enterprise up to and including 1.6.2 has Insufficient Entropy in a nonce.
Sylabs Singularity
5
CVSSv2
CVE-2019-19724
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
Sylabs Singularity
6.8
CVSSv2
CVE-2018-12021
Singularity 2.3.0 up to and including 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features.
Sylabs Singularity
7.2
CVSSv2
CVE-2018-19295
Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.
Sylabs Singularity
5
CVSSv2
CVE-2020-13845
Sylabs Singularity 3.0 up to and including 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather ...
Sylabs Singularity
5
CVSSv2
CVE-2020-13846
Sylabs Singularity 3.5.0 up to and including 3.5.3 fails to report an error in a Status Code.
Sylabs Singularity
5
CVSSv2
CVE-2020-13847
Sylabs Singularity 3.0 up to and including 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
Sylabs Singularity
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »