432 matches found
MAL-2025-34562 Malicious code in tardigrade-sagitta-asteroid-singularity (npm)
The package tardigrade-sagitta-asteroid-singularity was found to contain malicious code...
Malicious code in singularity-baryon-wezen-hydra (npm)
The package singularity-baryon-wezen-hydra was found to contain malicious code...
Malicious code in singularity-paleontology-nebula-hugo (npm)
The package singularity-paleontology-nebula-hugo was found to contain malicious code...
MAL-2025-33297 Malicious code in singularity-paleontology-nebula-hugo (npm)
The package singularity-paleontology-nebula-hugo was found to contain malicious code...
Malicious code in thuban-yonder-process-singularity (npm)
The package thuban-yonder-process-singularity was found to contain malicious code...
Malicious code in astrobiology-singularity-phoebe-venus (npm)
The package astrobiology-singularity-phoebe-venus was found to contain malicious code...
MAL-2025-33298 Malicious code in singularity-ultra-style-loader-ionosphere (npm)
The package singularity-ultra-style-loader-ionosphere was found to contain malicious code...
MAL-2025-33296 Malicious code in singularity-mesosphere-io-remark (npm)
The package singularity-mesosphere-io-remark was found to contain malicious code...
MAL-2025-29075 Malicious code in perseus-repository-fornax-singularity (npm)
The package perseus-repository-fornax-singularity was found to contain malicious code...
Malicious code in perseus-repository-fornax-singularity (npm)
The package perseus-repository-fornax-singularity was found to contain malicious code...
MAL-2025-29168 Malicious code in photon-astro-install-singularity (npm)
The package photon-astro-install-singularity was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2021-32635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, singularity action commands run/shell/exec...
Linux Distros Unpatched Vulnerability : CVE-2020-13847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header ...
Linux Distros Unpatched Vulnerability : CVE-2020-25040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different...
Linux Distros Unpatched Vulnerability : CVE-2022-23538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used ...
Linux Distros Unpatched Vulnerability : CVE-2020-13845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The...
Linux Distros Unpatched Vulnerability : CVE-2020-13846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code. CVE-2020-13846 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2020-25039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution. CVE-2020-25039...
CVE-2022-39237
syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...
CVE-2021-33027
Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce...