diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-19 13:19:31 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-19 13:20:52 +0100 |
| commit | 7d9aab07d3ea090f1eba38bcab926b4f0657ccb9 (patch) | |
| tree | c0725f1bfc1e4588fb270fb6d9a9a8bce292b17e | |
| parent | 6da6432832d256997303389813d574a161062459 (diff) | |
Track experimental fixes for singularity-container
| -rw-r--r-- | data/CVE/2020.list | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index e7adfd5490..05f13cab4a 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -14770,9 +14770,11 @@ CVE-2020-25042 (An arbitrary file upload issue exists in Mara CMS 7.5. In order CVE-2020-25041 RESERVED CVE-2020-25040 (Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary ...) + [experimental] - singularity-container 3.9.4+ds2-1 - singularity-container <unfixed> (bug #970465) NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-jv9c-w74q-6762 CVE-2020-25039 (Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on tem ...) + [experimental] - singularity-container 3.9.4+ds2-1 - singularity-container <unfixed> (bug #970465) NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-w6v2-qchm-grj7 CVE-2020-25038 @@ -36368,6 +36370,7 @@ CVE-2020-15231 (In mapfish-print before version 3.24, a user can use the JSONP s CVE-2020-15230 (Vapor is a web framework for Swift. In Vapor before version 4.29.4, At ...) NOT-FOR-US: Vapor CVE-2020-15229 (Singularity (an open source container platform) from version 3.1.1 thr ...) + [experimental] - singularity-container 3.9.4+ds2-1 - singularity-container <unfixed> (bug #972212) NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-7gcp-w6ww-2xv9 CVE-2020-15228 (In the `@actions/core` npm module before version 1.2.6,`addPath` and ` ...) @@ -39976,12 +39979,15 @@ CVE-2020-13848 (Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote NOTE: https://github.com/pupnp/pupnp/issues/177 NOTE: https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0 CVE-2020-13847 (Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Chec ...) + [experimental] - singularity-container 3.9.4+ds2-1 - singularity-container <unfixed> (bug #965040) NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-m7j2-9565-4h9v CVE-2020-13846 (Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a S ...) + [experimental] - singularity-container 3.9.4+ds2-1 - singularity-container <unfixed> (bug #965040) NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-6w7g-p4jh-rf92 CVE-2020-13845 (Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integ ...) + [experimental] - singularity-container 3.9.4+ds2-1 - singularity-container <unfixed> (bug #965040) NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-pmfr-63c2-jr5c CVE-2020-13844 (Arm Armv8-A core implementations utilizing speculative execution past ...) |