Oval Definition:oval:org.opensuse.security:def:201919724
Revision Date:2022-06-30Version:1
Title:CVE-2019-19724
Description:

Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-19724
openSUSE-SU-2020:0057-1
openSUSE-SU-2020:1037-1
Mitre CVE-2019-19724
SUSE CVE-2019-19724
openSUSE-SU-2020:0057-1
openSUSE-SU-2020:1037-1
Platform(s):openSUSE Leap 15.1
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libsingularity1-2.6.1-lp151.2.3 is installed
  • AND libsingularity1 is signed with openSUSE key
  • OR
  • singularity-3.6.0-lp151.2.6 is installed
  • AND singularity is signed with openSUSE key
  • OR
  • singularity-devel-2.6.1-lp151.2.3 is installed
  • AND singularity-devel is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND singularity-3.8.3-1.2 is installed
    • BACK