Product:

Slurm

(Schedmd)
Repositories https://github.com/SchedMD/slurm
#Vulnerabilities 23
Date Id Summary Products Score Patch Annotated
2021-11-17 CVE-2021-43337 SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access. Fedora, Slurm 6.5
2022-05-05 CVE-2022-29500 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. Debian_linux, Fedora, Slurm 8.8
2022-05-05 CVE-2022-29501 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. Debian_linux, Fedora, Slurm 8.8
2022-05-05 CVE-2022-29502 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. Fedora, Slurm 9.8
2020-11-27 CVE-2020-27746 Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. Debian_linux, Slurm 3.7
2020-11-27 CVE-2020-27745 Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. Debian_linux, Slurm 9.8
2020-01-13 CVE-2019-19728 SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. Debian_linux, Leap, Slurm 7.5
2019-01-31 CVE-2019-6438 SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems. Leap, Slurm 9.8
2020-01-13 CVE-2019-19727 SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. Leap, Slurm N/A
2017-11-01 CVE-2017-15566 Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. Slurm 7.8