Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schedmd slurm vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-31215
SchedMD Slurm prior to 20.02.7 and 20.03.x up to and including 20.11.x prior to 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
Schedmd Slurm
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
8.2
CVSSv3
CVE-2023-49938
An issue exists in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.0...
Schedmd Slurm
8.1
CVSSv3
CVE-2020-12693
Slurm 19.05.x prior to 19.05.7 and 20.02.x prior to 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
Schedmd Slurm
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.1
CVSSv3
CVE-2016-10030
The _prolog_error function in slurmd/req.c in Slurm prior to 15.08.13, 16.x prior to 16.05.7, and 17.x prior to 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control o...
Schedmd Slurm 17.02.0
Schedmd Slurm 16.05.1
Schedmd Slurm 16.05.2
Schedmd Slurm 16.05.0
Schedmd Slurm 16.05.5
Schedmd Slurm 16.05.6
Schedmd Slurm 16.05.3
Schedmd Slurm 16.05.4
Schedmd Slurm
7.8
CVSSv3
CVE-2017-15566
Insecure SPANK environment variable handling exists in SchedMD Slurm prior to 16.05.11, 17.x prior to 17.02.9, and 17.11.x prior to 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
Schedmd Slurm 17.11.0
Schedmd Slurm
7.5
CVSSv3
CVE-2023-49936
An issue exists in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
Schedmd Slurm
Schedmd Slurm 23.11
7.5
CVSSv3
CVE-2023-49933
An issue exists in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows malicious users to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are ...
Schedmd Slurm
Schedmd Slurm 23.11
7.5
CVSSv3
CVE-2019-19728
SchedMD Slurm prior to 18.08.9 and 19.x prior to 19.05.5 executes srun --uid with incorrect privileges.
Schedmd Slurm
Opensuse Leap 15.1
Debian Debian Linux 10.0
7
CVSSv3
CVE-2023-41914
SchedMD Slurm 23.02.x prior to 23.02.6 and 22.05.x prior to 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
Schedmd Slurm
Fedoraproject Fedora 39
6.5
CVSSv3
CVE-2021-43337
SchedMD Slurm 21.08.* prior to 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have acc...
Schedmd Slurm
Fedoraproject Fedora 34
Fedoraproject Fedora 35
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »