Search CVE reports
11 – 20 of 25 results
CVE-2021-31215
Medium prioritySome fixes available 5 of 7
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
2 affected packages
slurm-llnl, slurm-wlm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Fixed | Fixed | Fixed |
| slurm-wlm | Not affected | Not affected | Not in release | Not in release | Ignored |
CVE-2020-27746
Medium prioritySome fixes available 2 of 3
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Fixed | Fixed | Not affected |
CVE-2020-27745
Medium prioritySome fixes available 2 of 3
Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Fixed | Fixed | Not affected |
CVE-2020-12693
Medium prioritySome fixes available 3 of 4
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as...
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Fixed | Fixed | Fixed |
CVE-2019-19728
Medium prioritySchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Not affected | Vulnerable | Vulnerable |
CVE-2019-19727
Low prioritySchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Not affected | Needs evaluation | Needs evaluation |
CVE-2019-12838
Medium prioritySchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | Not in release | Not in release | Not affected | Vulnerable | Vulnerable |
CVE-2019-6438
Medium prioritySome fixes available 3 of 4
SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | — | Not in release | Not affected | Fixed | Fixed |
CVE-2018-10995
Medium prioritySchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | — | Not in release | Not affected | Fixed | Fixed |
CVE-2018-7033
Medium prioritySome fixes available 3 of 4
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.
1 affected package
slurm-llnl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| slurm-llnl | — | Not in release | Not affected | Fixed | Fixed |