Singularity version from 3.3.0 to 3.5.1 Incorrect Default Permissions Vulnerability
Singularity version from 3.3.0 to 3.5.1 suffers from incorrect default permissions vulnerability
The information has been provided by Vendor
The original article can be found at:https://github.com/sylabs/singularity/releases/tag/v3.5.2
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
Singularity version from 3.3.0 to 3.5.1