Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sylabs singularity vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2021-32635
Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singularity` action commands (`run`/`shell`/`exec`) specifying a container using a `library://` URI will always attempt to retrieve the container from the default...
Sylabs Singularity 3.7.2
Sylabs Singularity 3.7.3
NA
CVE-2022-23538
github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library servic...
Sylabs Singularity Container Services Library 1.3.3
Sylabs Singularity Container Services Library 1.4.0
Sylabs Singularity Container Services Library 1.4.1
Sylabs Singularity Container Services Library 1.3.2
605
VMScore
CVE-2021-33622
Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO prior to 3.5-8, has an Incorrect Check of a Function's Return Value.
Sylabs Singularity
Sylabs Singularitypro
445
VMScore
CVE-2020-13847
Sylabs Singularity 3.0 up to and including 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
Sylabs Singularity
445
VMScore
CVE-2020-13845
Sylabs Singularity 3.0 up to and including 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather ...
Sylabs Singularity
641
VMScore
CVE-2018-19295
Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.
Sylabs Singularity
606
VMScore
CVE-2018-12021
Singularity 2.3.0 up to and including 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features.
Sylabs Singularity
445
VMScore
CVE-2020-13846
Sylabs Singularity 3.5.0 up to and including 3.5.3 fails to report an error in a Status Code.
Sylabs Singularity
668
VMScore
CVE-2021-33027
Sylabs Singularity Enterprise up to and including 1.6.2 has Insufficient Entropy in a nonce.
Sylabs Singularity
445
VMScore
CVE-2019-19724
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
Sylabs Singularity
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »