FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3a66cb69-716f-11e8-be54-3085a9a47796slurm -- insecure handling of user_name and gid fields

SchedMD reports:

Insecure handling of user_name and gid fields (CVE-2018-10995)

While fixes are only available for the supported 17.02 and 17.11 releases, it is believed that similar vulnerabilities do affect past versions as well. The only resolution is to upgrade Slurm to a fixed release.


Discovery 2018-05-30
Entry 2018-06-16
slurm-wlm
< 17.02.11

https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
b3e04661-2a0a-11e8-9e63-3085a9a47796slurm-wlm -- SQL Injection attacks against SlurmDBD

SchedMD reports:

Several issues were discovered with incomplete sanitization of user-provided text strings, which could potentially lead to SQL injection attacks against SlurmDBD itself. Such exploits could lead to a loss of accounting data, or escalation of user privileges on the cluster.


Discovery 2018-03-15
Entry 2018-03-17
slurm-wlm
< 17.02.10

CVE-2018-7033
https://nvd.nist.gov/vuln/detail/CVE-2018-7033