Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sylabs singularity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39237
syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions before 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is avail...
Sylabs Singularity Image Format
801
VMScore
CVE-2019-11328
An issue exists in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance...
Sylabs Singularity
Sylabs Singularity 3.2.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle-15
490
VMScore
CVE-2020-25039
Sylabs Singularity 3.2.0 up to and including 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
NA
CVE-2023-30549
Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. Tha...
Lfprojects Apptainer
Sylabs Singularity
Redhat Enterprise Linux 7.0
578
VMScore
CVE-2020-25040
Sylabs Singularity up to and including 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
516
VMScore
CVE-2020-15229
Singularity (an open source container platform) from version 3.1.1 up to and including 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem ...
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
356
VMScore
CVE-2021-29499
SIF is an open source implementation of the Singularity Container Image Format. The `siftool new` command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency. A patch ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2