CVE-2021-33622 — CVSS 9.8 (critical): Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value.
CVE-2019-11328 — CVSS 8.8 (high): An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could…
CVE-2020-25040 — CVSS 8.8 (high): Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build…
CVE-2020-15229 — CVSS 8.2 (high): Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path…
CVE-2020-25039 — CVSS 8.1 (high): Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container…
CVE-2018-19295 — CVSS 7.8 (high): Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.
CVE-2020-13847 — CVSS 7.5 (high): Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found…
CVE-2020-13845 — CVSS 7.5 (high): Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy…
CVE-2019-19724 — CVSS 7.5 (high): Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could…
CVE-2023-30549 — CVSS 7.1 (high): Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of…
CVE-2018-12021 — CVSS 6.5 (medium): Singularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the…
CVE-2021-32635 — CVSS 6.3 (medium): Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singularity` action…
CVE-2021-29136 — CVSS 5.5 (medium): Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink…