CVE-2020-25040

Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.

Link	Resource
https://medium.com/sylabs	Product
https://github.com/hpcng/singularity/security/advisories/GHSA-jv9c-w74q-6762	Mitigation Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00070.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00088.html	Third Party Advisory

Configuration 1

cpe:2.3:a:sylabs:singularity:*:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

---

Published : 2020-09-16 06:15

Updated : 2021-07-21 11:39

---

NVD link : CVE-2020-25040

Mitre link : CVE-2020-25040

No products.

CWE-668