Vulnerabilities > Schedmd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-05 | CVE-2022-29500 | Improper Authentication vulnerability in Schedmd Slurm SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | 9.0 |
| 2022-05-05 | CVE-2022-29501 | Unspecified vulnerability in Schedmd Slurm SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | 9.0 |
| 2022-05-05 | CVE-2022-29502 | Unspecified vulnerability in Schedmd Slurm SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. | 7.5 |
| 2021-11-17 | CVE-2021-43337 | Incorrect Authorization vulnerability in multiple products SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. | 4.0 |
| 2021-05-13 | CVE-2021-31215 | SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. | 6.5 |
| 2020-11-27 | CVE-2020-27746 | Race Condition vulnerability in multiple products Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. | 4.3 |
| 2020-11-27 | CVE-2020-27745 | Classic Buffer Overflow vulnerability in multiple products Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | 6.8 |
| 2020-05-21 | CVE-2020-12693 | Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. | 5.1 |
| 2020-01-13 | CVE-2019-19728 | Improper Privilege Management vulnerability in multiple products SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. | 6.0 |
| 2020-01-13 | CVE-2019-19727 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. | 2.1 |