2 matches found
CVE-2022-39237
CVE-2022-39237 affects the Syslabs/sif (Singularity Image Format) reference implementation. In versions prior to 2.8.1, the go module github.com/sylabs/sif/v2/pkg/integrity did not verify that the hash algorithms used for metadata digests and signatures are cryptographically secure when validatin...
CVE-2021-29499
CVE-2021-29499 affects SIF ( Singularity Container Image Format) where siftool new and siftool.New() generate predictable UUIDs due to insecure randomness in github.com/satori/go.uuid. A fix is available in the module version >= v1.2.3; upgrading the module is recommended. As a workaround, whe...