Vulnerabilities > Schedmd

DATE CVE VULNERABILITY TITLE RISK
2018-03-15 CVE-2018-7033 SQL Injection vulnerability in multiple products
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.
network
low complexity
schedmd debian CWE-89
critical
9.8
2017-11-01 CVE-2017-15566 Untrusted Search Path vulnerability in Schedmd Slurm
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
local
low complexity
schedmd CWE-426
7.8
2017-01-05 CVE-2016-10030 Improper Access Control vulnerability in Schedmd Slurm
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node.
network
high complexity
schedmd CWE-284
8.1