CVE-2020-13847
CVE-2020-13847
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.htmlhttps://github.com/hpcng/singularity/security/advisories/GHSA-m7j2-9565-4h9vhttps://medium.com/sylabs