Vulnerabilities > Sylabs > Singularity > 3.5.2

DATE CVE VULNERABILITY TITLE RISK
2021-06-15 CVE-2021-33622 Improper Check for Unusual or Exceptional Conditions vulnerability in Sylabs Singularity and Singularitypro
Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value.
network
sylabs CWE-754
6.8
6.8
2021-04-06 CVE-2021-29136 Improper Input Validation vulnerability in multiple products
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used.
local
low complexity
linuxfoundation sylabs CWE-20
2.1
2.1
2020-10-14 CVE-2020-15229 Path Traversal vulnerability in multiple products
Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability.
network
low complexity
sylabs opensuse CWE-22
critical
 9.3
9.3
2020-09-16 CVE-2020-25040 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.
network
low complexity
sylabs opensuse CWE-732
6.5
6.5
2020-09-16 CVE-2020-25039 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.
network
low complexity
sylabs opensuse CWE-732
5.5
5.5
2020-07-14 CVE-2020-13846 Unspecified vulnerability in Sylabs Singularity
Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code.
network
low complexity
sylabs
7.5
7.5