High severityNVD Advisory· Published Dec 17, 2018· Updated Aug 5, 2024
CVE-2018-19295
CVE-2018-19295
Description
Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/sylabs/singularityGo | >= 2.4.0, < 2.6.1 | 2.6.1 |
Affected products
5- ghsa-coords5 versionspkg:golang/github.com/sylabs/singularitypkg:rpm/opensuse/singularity&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/singularity&distro=openSUSE%20Tumbleweedpkg:rpm/suse/singularity&distro=SUSE%20Package%20Hub%2012%20SP3pkg:rpm/suse/singularity&distro=SUSE%20Package%20Hub%2015
>= 2.4.0, < 2.6.1+ 4 more
- (no CPE)range: >= 2.4.0, < 2.6.1
- (no CPE)range: < 2.6.1-bp150.3.6.1
- (no CPE)range: < 3.8.3-1.2
- (no CPE)range: < 2.6.1-14.1
- (no CPE)range: < 2.6.1-bp150.3.6.1
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-p83v-8vmr-qfv9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-19295ghsaADVISORY
- github.com/sylabs/singularity/commit/9103f0155259fdf1159277bca3c2d347571cba0dghsaWEB
- github.com/sylabs/singularity/releases/tag/2.6.1ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.