Vulnerabilities > Condor Project > Condor > 7.2.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-10-11 | CVE-2013-4255 | Improper Input Validation vulnerability in multiple products The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | 3.5 |
2013-10-11 | CVE-2009-5136 | Improper Input Validation vulnerability in multiple products The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | 4.0 |