Known Vulnerabilities for Singularity by Sylabs
Listed below are 10 of the newest known vulnerabilities associated with "Singularity" by "Sylabs".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-33622 | Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value. | 9.8 - CRITICAL | 2021-06-15 | 2021-06-21 |
| CVE-2021-33027 | Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce. | 9.8 - CRITICAL | 2021-07-19 | 2021-07-28 |
| CVE-2021-32635 | Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singula... | 6.3 - MEDIUM | 2021-05-28 | 2022-04-22 |
| CVE-2021-29136 | Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that caus... | 5.5 - MEDIUM | 2021-04-06 | 2021-05-20 |
| CVE-2020-25040 | Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container bu... | 8.8 - HIGH | 2020-09-16 | 2021-07-21 |
| CVE-2020-25039 | Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace c... | 8.1 - HIGH | 2020-09-16 | 2021-07-21 |
| CVE-2020-15229 | Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handlin... | 9.3 - CRITICAL | 2020-10-14 | 2022-11-16 |
| CVE-2020-13847 | Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign m... | 7.5 - HIGH | 2020-07-14 | 2023-01-20 |
| CVE-2020-13846 | Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code. | 7.5 - HIGH | 2020-07-14 | 2023-01-20 |
| CVE-2020-13845 | Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when... | 7.5 - HIGH | 2020-07-14 | 2023-01-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sylabs | Singularity | 3.6.3 | All | All | All |
| Application | Sylabs | Singularity | 3.6.2 | All | All | All |
| Application | Sylabs | Singularity | 3.6.1 | All | All | All |
| Application | Sylabs | Singularity | 3.6.0 | rc5 | All | All |
| Application | Sylabs | Singularity | 3.6.0 | rc4 | All | All |
| Application | Sylabs | Singularity | 3.6.0 | rc3 | All | All |
| Application | Sylabs | Singularity | 3.6.0 | rc2 | All | All |
| Application | Sylabs | Singularity | 3.6.0 | rc1 | All | All |
| Application | Sylabs | Singularity | 3.6.0 | - | All | All |
| Application | Sylabs | Singularity | 3.5.3 | rc2 | All | All |
| Application | Sylabs | Singularity | 3.5.3 | - | All | All |
| Application | Sylabs | Singularity | 3.5.3 | rc1 | All | All |
| Application | Sylabs | Singularity | 3.5.2 | All | All | All |
| Application | Sylabs | Singularity | 3.5.1 | rc2 | All | All |
| Application | Sylabs | Singularity | 3.5.1 | rc1 | All | All |
| Application | Sylabs | Singularity | 3.5.1 | - | All | All |
| Application | Sylabs | Singularity | 3.5.0 | rc2 | All | All |
| Application | Sylabs | Singularity | 3.5.0 | rc1 | All | All |
| Application | Sylabs | Singularity | 3.5.0 | - | All | All |
| Application | Sylabs | Singularity | 3.4.2 | - | All | All |