rpm package
opensuse/apptainer&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/apptainer&distro=openSUSE%20Leap%2015.4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-39237 | — | < 1.1.2-lp154.2.1 | 1.1.2-lp154.2.1 | Oct 6, 2022 | syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is ava | ||
| CVE-2021-44717 | — | < 1.1.2-lp154.2.1 | 1.1.2-lp154.2.1 | Jan 1, 2022 | Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion. | ||
| CVE-2021-44716 | — | < 1.1.2-lp154.2.1 | 1.1.2-lp154.2.1 | Jan 1, 2022 | net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. |
- CVE-2022-39237Oct 6, 2022affected < 1.1.2-lp154.2.1fixed 1.1.2-lp154.2.1
syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is ava
- CVE-2021-44717Jan 1, 2022affected < 1.1.2-lp154.2.1fixed 1.1.2-lp154.2.1
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
- CVE-2021-44716Jan 1, 2022affected < 1.1.2-lp154.2.1fixed 1.1.2-lp154.2.1
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.