VYPR

sif

by Sylabs

Source repositories

CVEs (2)

  • CVE-2022-39237Oct 6, 2022
    risk 0.00cvss epss 0.00

    syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is…

  • CVE-2021-29499May 7, 2021
    risk 0.00cvss epss 0.01

    SIF is an open source implementation of the Singularity Container Image Format. The `siftool new` command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency. A patch…