rpm package
suse/slurm_20_02&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
pkg:rpm/suse/slurm_20_02&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-41914 | — | < 20.02.7-150100.3.27.1 | 20.02.7-150100.3.27.1 | Nov 3, 2023 | SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. | ||
| CVE-2022-31251 | — | < 20.02.7-150100.3.24.1 | 20.02.7-150100.3.24.1 | Sep 7, 2022 | A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3. | ||
| CVE-2022-29500 | — | < 20.02.7-150100.3.24.1 | 20.02.7-150100.3.24.1 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | ||
| CVE-2022-29501 | — | < 20.02.7-150100.3.24.1 | 20.02.7-150100.3.24.1 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | ||
| CVE-2021-31215 | — | < 20.02.7-3.19.1 | 20.02.7-3.19.1 | May 13, 2021 | SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. |
- CVE-2023-41914Nov 3, 2023affected < 20.02.7-150100.3.27.1fixed 20.02.7-150100.3.27.1
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
- CVE-2022-31251Sep 7, 2022affected < 20.02.7-150100.3.24.1fixed 20.02.7-150100.3.24.1
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
- CVE-2022-29500May 5, 2022affected < 20.02.7-150100.3.24.1fixed 20.02.7-150100.3.24.1
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
- CVE-2022-29501May 5, 2022affected < 20.02.7-150100.3.24.1fixed 20.02.7-150100.3.24.1
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
- CVE-2021-31215May 13, 2021affected < 20.02.7-3.19.1fixed 20.02.7-3.19.1
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.