Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Slurm
(Schedmd)Repositories | https://github.com/SchedMD/slurm |
#Vulnerabilities | 23 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-11-17 | CVE-2021-43337 | SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access. | Fedora, Slurm | 6.5 | ||
2022-05-05 | CVE-2022-29500 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | Debian_linux, Fedora, Slurm | 8.8 | ||
2022-05-05 | CVE-2022-29501 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | Debian_linux, Fedora, Slurm | 8.8 | ||
2022-05-05 | CVE-2022-29502 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. | Fedora, Slurm | 9.8 | ||
2020-11-27 | CVE-2020-27746 | Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. | Debian_linux, Slurm | 3.7 | ||
2020-11-27 | CVE-2020-27745 | Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | Debian_linux, Slurm | 9.8 | ||
2020-01-13 | CVE-2019-19728 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. | Debian_linux, Leap, Slurm | 7.5 | ||
2019-01-31 | CVE-2019-6438 | SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems. | Leap, Slurm | 9.8 | ||
2020-01-13 | CVE-2019-19727 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. | Leap, Slurm | N/A | ||
2017-11-01 | CVE-2017-15566 | Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. | Slurm | 7.8 |