DSA-4254-1 slurm-llnl -- slurm-llnl| ID: oval:org.secpod.oval:def:603466 | Date: (C)2018-07-25 (M)2023-04-27 |
| Class: PATCH | Family: unix |
Several vulnerabilities were discovered in the Simple Linux Utility for Resource Management , a cluster resource management and job scheduling system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-7033 Incomplete sanitization of user-provided text strings could lead to SQL injection attacks against slurmdbd. CVE-2018-10995 Insecure handling of user_name and gid fields leading to improper authentication handling.
| Product: |
| libslurmdb30 |
| slurmctld |
| libpmi2-0 |
| libslurmdb-perl |
| slurm-llnl |
| slurmd |
| libpmi0 |
| slurm-wlm |
| libslurm-dev |
| libslurm30 |
| slurm-client |
| libslurmdb-dev |
| sview |
| libslurm-perl |
| libpam-slurm |
