Search CVE reports
1 – 10 of 23 results
CVE-2022-26110
Low priorityAn issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing...
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | — | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-45104
Medium priorityAn issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data.
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | — | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-45103
Medium priorityAn issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can access files stored in S3 cloud storage that a user has asked HTCondor to transfer.
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | — | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-45102
Medium priorityAn issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When authenticating to an HTCondor daemon using a SciToken, a user may be granted authorizations beyond what the token should allow.
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | — | Not affected | Not affected | Vulnerable |
CVE-2021-45101
Medium priorityAn issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that...
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | — | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-25312
Medium priorityHTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-25311
Medium prioritycondor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-18823
Low priorityHTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the...
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | Needs evaluation | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2014-8126
High prioritySome fixes available 1 of 8
The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code.
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | — | — | — | Not affected | Not affected |
CVE-2012-3490
Medium priorityThe (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly...
1 affected package
condor
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
condor | — | — | — | — | — |