Oval Definition:	oval:org.opensuse.security:def:202013845
Revision Date: 2022-06-30 Version: 1 Title: CVE-2020-13845 Description: Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather than to a cryptographically validated signature. Family: unix Class: vulnerability Status: Reference(s): CVE-2020-13845 openSUSE-SU-2020:1011-1 openSUSE-SU-2020:1037-1 openSUSE-SU-2020:1100-1 Mitre CVE-2020-13845 SUSE CVE-2020-13845 openSUSE-SU-2020:1011-1 openSUSE-SU-2020:1037-1 openSUSE-SU-2020:1100-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 SUSE Package Hub for SUSE Linux Enterprise 15 SP2 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information singularity-3.6.0-lp151.2.6 is installed AND singularity is signed with openSUSE key Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information singularity-3.6.0-lp152.2.3.1 is installed AND singularity is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND singularity-3.8.3-1.2 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed AND singularity-3.6.0-bp152.2.4.1 is installed
BACK