vulnerability
SUSE: CVE-2020-13845: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Jul 14, 2020 | Jul 20, 2020 | Oct 22, 2021 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Jul 14, 2020
Added
Jul 20, 2020
Modified
Oct 22, 2021
Description
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather than to a cryptographically validated signature.
Solution
suse-upgrade-singularity
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.