94 matches found
EUVD-2021-1126
Malware in sbrugna...
EUVD-2021-20300
Malware in sbrugna...
EUVD-2021-2463
Malware in sbrugna...
EUVD-2021-2599
Malware in sbrugna...
EUVD-2021-19747
Malware in sbrugna...
EUVD-2022-4712
Malicious code in bioql PyPI...
EUVD-2022-4576
Malicious code in bioql PyPI...
MAL-2025-34320 Malicious code in sylabs (npm)
The package sylabs was found to contain malicious code...
Malicious code in sylabs (npm)
The package sylabs was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2020-13846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code. CVE-2020-13846 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2020-25039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution. CVE-2020-25039...
CVE-2021-33027
Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce...
Ubuntu 18.04 ESM : Singularity vulnerabilities (USN-4840-1)
The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4840-1 advisory. It was discovered that Singularity incorrectly handled certain inputs. An attacker could possibly use this issue to obtain sensitive information...
Improper Verification Of Cryptographic Signatures
sylabs sif is vulnerable to a lack of cryptographic signature validations. The vulnerability exists due to the package not verifying the hash algorithm used is cryptographically secure when verifying digital signatures allowing an attacker to perform unauthorized actions...
CVE-2022-39237 Digital Signature Hash Algorithms Not Validated in sylabs/sif
syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...
CVE-2022-39237 Digital Signature Hash Algorithms Not Validated in sylabs/sif
syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...
Singularity insecure permissions
Insecure permissions 777 are set on $HOME/.singularity when it is newly created by Singularity version from 3.3.0 to 3.5.1, which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services...
GHSA-MJ73-5X75-9PHH Singularity insecure permissions
Insecure permissions 777 are set on $HOME/.singularity when it is newly created by Singularity version from 3.3.0 to 3.5.1, which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services...
Sylabs Singularity Improper Input Validation
Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...
GHSA-P83V-8VMR-QFV9 Sylabs Singularity Improper Input Validation
Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...