Опубликовано: 18 дек. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5
Описание
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | released | 3.5.2+ds1-1 |
Показывать по
10
EPSS
Процентиль: 54%
0.00313
Низкий
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
около 6 лет назад
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
CVSS3: 7.5
debian
около 6 лет назад
Insecure permissions (777) are set on $HOME/.singularity when it is ne ...
EPSS
Процентиль: 54%
0.00313
Низкий
5 Medium
CVSS2
7.5 High
CVSS3