← back
CVE-2019-19724

CVE-2019-19724

EPSS 1.2%
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00025.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.htmlhttps://github.com/sylabs/singularity/releases/tag/v3.5.2