Vulnerability Details CVE-2020-13846
Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html
- https://github.com/hpcng/singularity/security/advisories/GHSA-6w7g-p4jh-rf92
- https://medium.com/sylabs
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html
- https://github.com/hpcng/singularity/security/advisories/GHSA-6w7g-p4jh-rf92
- https://medium.com/sylabs
Products affected by CVE-2020-13846
-
cpe:2.3:a:sylabs:singularity:3.5.0
-
cpe:2.3:a:sylabs:singularity:3.5.1
-
cpe:2.3:a:sylabs:singularity:3.5.2
-
cpe:2.3:a:sylabs:singularity:3.5.3