pkg:Go/github.com/sylabs/singularity

All known vulnerabilities

• HIGH8.8CVE-2019-11328Incorrect Permission Assignment for Critical Resource in Singularity
  >= 3.1.0, < 3.2.0
• HIGH8.8CVE-2020-25040Insecure permissions on build temporary rootfs in Singularity
  from 0, < 3.6.3
• HIGH8.2CVE-2020-15229Path traversal and files overwrite with unsquashfs in singularity
  >= 3.1.1, < 3.6.4
• HIGH8.1Insecure permissions on user namespace / fakeroot temporary rootfs in Singularity
  >= 3.2.0, < 3.6.3
• HIGH7.8Sylabs Singularity Improper Input Validation
  >= 2.4.0, < 2.6.1
• HIGH7.5Singularity insecure permissions
  >= 3.3.0, < 3.5.2
• HIGH7.5"Verify All" Returns Success Despite Validation Failures in Singularity
  >= 3.5.0, < 3.6.0
• HIGH7.5Execution Control List (ECL) Is Insecure in Singularity
  >= 3.0.0, < 3.6.0
• MEDIUM6.3Action Commands (run/shell/exec) Against Library URIs Ignore Configured Remote Endpoint
  >= 3.7.2, < 3.7.4
• MEDIUM4.8Singluarity: Incorrect path matching for 'limit container paths' directive
  from 0, <= 3.1.1
• MEDIUM4.5Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity
  from 0