CVE-2020-13847
CVE-2020-13847
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.htmlhttps://github.com/hpcng/singularity/security/advisories/GHSA-m7j2-9565-4h9vhttps://medium.com/sylabs