2 matches found
GHSA-7GCP-W6WW-2XV9 Path traversal and files overwrite with unsquashfs in singularity
Impact Due to insecure handling of path traversal and the lack of path sanitization within unsquashfs a distribution provided utility used by Singularity, it is possible to overwrite/create any files on the host filesystem during the extraction of a crafted squashfs filesystem. Squashfs extractio...
CVE-2020-15229
Singularity an open source container platform from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within unsquashfs, it is possible to overwrite/create any files on the host filesystem during the extraction with a...