SchedMD Slurm 19.05.4

CPE Details

SchedMD Slurm 19.05.4
schedmd
slurm
19.05.4
2021-05-20
11h40 +00:00
2021-05-20
12h32 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:schedmd:slurm:19.05.4:*:*:*:*:*:*:*

Informations

Vendor

schedmd

Product

slurm

Version

19.05.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-29500 2022-05-05 14h14 +00:00 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
8.8
High
CVE-2022-29501 2022-05-05 14h13 +00:00 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
8.8
High
CVE-2021-31215 2021-05-13 03h51 +00:00 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
8.8
High
CVE-2020-27746 2020-11-27 16h03 +00:00 Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
3.7
Low
CVE-2020-27745 2020-11-27 16h01 +00:00 Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.
9.8
Critical
CVE-2020-12693 2020-05-21 20h27 +00:00 Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
8.1
High
CVE-2019-19727 2020-01-13 17h14 +00:00 SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.
5.5
Medium
CVE-2019-19728 2020-01-13 17h14 +00:00 SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges.
7.5
High