DSA-4254-1 slurm-llnl -- slurm-llnlID: oval:org.secpod.oval:def:603466 | Date: (C)2018-07-25 (M)2023-04-27 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in the Simple Linux Utility for Resource Management , a cluster resource management and job scheduling system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-7033 Incomplete sanitization of user-provided text strings could lead to SQL injection attacks against slurmdbd. CVE-2018-10995 Insecure handling of user_name and gid fields leading to improper authentication handling.
Product: |
libslurmdb30 |
slurmctld |
libpmi2-0 |
libslurmdb-perl |
slurm-llnl |
slurmd |
libpmi0 |
slurm-wlm |
libslurm-dev |
libslurm30 |
slurm-client |
libslurmdb-dev |
sview |
libslurm-perl |
libpam-slurm |