rpm package
suse/pdsh&distro=SUSE Linux Enterprise Module for HPC 15 SP1
pkg:rpm/suse/pdsh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP1
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19727 | — | < 2.33-7.6.1 | 2.33-7.6.1 | Jan 13, 2020 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. | ||
| CVE-2019-19728 | — | < 2.33-7.6.1 | 2.33-7.6.1 | Jan 13, 2020 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. | ||
| CVE-2019-12838 | — | < 2.33-7.6.1 | 2.33-7.6.1 | Jul 11, 2019 | SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection. | ||
| CVE-2019-6438 | — | < 2.33-7.6.1 | 2.33-7.6.1 | Jan 31, 2019 | SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems. | ||
| CVE-2018-10995 | — | < 2.33-7.6.1 | 2.33-7.6.1 | May 30, 2018 | SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields). | ||
| CVE-2018-7033 | — | < 2.33-7.6.1 | 2.33-7.6.1 | Mar 15, 2018 | SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. | ||
| CVE-2017-15566 | Hig | 7.8 | < 2.33-7.6.1 | 2.33-7.6.1 | Nov 1, 2017 | Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. | |
| CVE-2016-10030 | Hig | 8.1 | < 2.33-7.6.1 | 2.33-7.6.1 | Jan 5, 2017 | The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an a |
- CVE-2019-19727Jan 13, 2020affected < 2.33-7.6.1fixed 2.33-7.6.1
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.
- CVE-2019-19728Jan 13, 2020affected < 2.33-7.6.1fixed 2.33-7.6.1
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges.
- CVE-2019-12838Jul 11, 2019affected < 2.33-7.6.1fixed 2.33-7.6.1
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
- CVE-2019-6438Jan 31, 2019affected < 2.33-7.6.1fixed 2.33-7.6.1
SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.
- CVE-2018-10995May 30, 2018affected < 2.33-7.6.1fixed 2.33-7.6.1
SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
- CVE-2018-7033Mar 15, 2018affected < 2.33-7.6.1fixed 2.33-7.6.1
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.
- affected < 2.33-7.6.1fixed 2.33-7.6.1
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
- affected < 2.33-7.6.1fixed 2.33-7.6.1
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an a