CVE-2020-25040 – Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary di

Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25040

Reference (s):

• https://github.com/hpcng/singularity/security/advisories/GHSA-jv9c-w74q-6762
• https://medium.com/sylabs
• SUSE:openSUSE-SU-2020:1497
• URL: http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00070.html
• SUSE:openSUSE-SU-2020:1529