rpm package
suse/slurm_20_11&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
pkg:rpm/suse/slurm_20_11&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-41914 | — | < 20.11.9-150100.3.19.1 | 20.11.9-150100.3.19.1 | Nov 3, 2023 | SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. | ||
| CVE-2022-29500 | — | < 20.11.9-150100.3.14.1 | 20.11.9-150100.3.14.1 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | ||
| CVE-2022-29501 | — | < 20.11.9-150100.3.14.1 | 20.11.9-150100.3.14.1 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | ||
| CVE-2021-31215 | — | < 20.11.7-3.11.1 | 20.11.7-3.11.1 | May 13, 2021 | SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. |
- CVE-2023-41914Nov 3, 2023affected < 20.11.9-150100.3.19.1fixed 20.11.9-150100.3.19.1
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
- CVE-2022-29500May 5, 2022affected < 20.11.9-150100.3.14.1fixed 20.11.9-150100.3.14.1
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
- CVE-2022-29501May 5, 2022affected < 20.11.9-150100.3.14.1fixed 20.11.9-150100.3.14.1
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
- CVE-2021-31215May 13, 2021affected < 20.11.7-3.11.1fixed 20.11.7-3.11.1
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.