CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-29500
https://notcve.org/view.php?id=CVE-2022-29500
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. SchedMD Slurm versiones 21.08.x hasta 20.11.x, presenta un Control de Acceso Incorrecto que conlleva a una Divulgación de Información • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6B7OWVNVCJUDE6VDWGCBUWMRCRETAO3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YBI4NFDGGMBKWG4EMSZL5UHATDCLPCQW https://lists.schedmd.com/pipermail/slurm-announce https://www.debian.org/security/2022/dsa-5166 https://www.schedmd.com/news.php https://www.schedmd.com/news. •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-29501
https://notcve.org/view.php?id=CVE-2022-29501
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. SchedMD Slurm versiones 21.08.x hasta 20.11.x , presenta un Control de Acceso Incorrecto que conlleva a una Escalada de Privilegios y ejecución de código • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6B7OWVNVCJUDE6VDWGCBUWMRCRETAO3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YBI4NFDGGMBKWG4EMSZL5UHATDCLPCQW https://lists.schedmd.com/pipermail/slurm-announce https://www.debian.org/security/2022/dsa-5166 https://www.schedmd.com/news.php https://www.schedmd.com/news. •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31215
https://notcve.org/view.php?id=CVE-2021-31215
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. SchedMD Slurm versiones anteriores a 20.02.7 y versiones 20.03.xa 20.11.x anteriores a 20.11.7, permite una ejecución de código remota como SlurmUser porque el uso de un script PrologSlurmctld o EpilogSlurmctld conlleva a un manejo inapropiado del entorno • https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ODMJQNY4FAV7G3DSKVIO5KY7Q7DKBPU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRHTASFAU5FNB2MJOG67YID2ONQS5MCQ https://lists.schedmd.com/pipermail/slurm-announce/2021/000055.html https://www.schedmd.com/news.php?id=248#OPT_248 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-27746
https://notcve.org/view.php?id=CVE-2020-27746
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. Slurm versiones anteriores a 19.05.8 y versiones 20.x anteriores a 20.02.6, expone información confidencial a un actor no autorizado porque xauth para las cookies mágicas X11 está afectado por una condición de carrera en una operación de lectura en el sistema de archivos /proc • https://www.debian.org/security/2021/dsa-4841 https://www.schedmd.com/news.php • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27745
https://notcve.org/view.php?id=CVE-2020-27745
Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. Slurm versiones anteriores a 19.05.8 y versiones 20.x anteriores a 20.02.6, presenta un Desbordamiento del Búfer RPC en el plugin PMIx MPI • https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html https://www.debian.org/security/2021/dsa-4841 https://www.schedmd.com/news.php • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •