Search CVE reports
1 – 2 of 2 results
syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure...
2 affected packages
golang-github-sylabs-sif, singularity-container
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-github-sylabs-sif | Not affected | Vulnerable | Vulnerable | Not in release |
| singularity-container | Needs evaluation | Not in release | Not in release | Needs evaluation |
SIF is an open source implementation of the Singularity Container Image Format. The `siftool new` command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the...
2 affected packages
golang-github-sylabs-sif, singularity-container
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-github-sylabs-sif | Vulnerable | Vulnerable | Vulnerable | Not in release |
| singularity-container | Needs evaluation | Not in release | Not in release | Needs evaluation |