CVE-2020-25039

Published: Sep 16, 2020
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-25039" target="_blank" rel="noopener"> CVE-2020-25039
GHSA: <a href="https://github.com/advisories/GHSA-w6v2-qchm-grj7" target="_blank" rel="noopener"> GHSA-w6v2-qchm-grj7
Severity: High
Exploit:

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
sylabs / singularity	3.2.0	3.6.2.x
opensuse / leap	15.1	15.1.x
opensuse / leap	15.2	15.2.x
github.com/sylabs/singularity	3.2.0	3.6.3

Vulnerability Database