Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/singularity-container@0?distro=sid

Type deb

Namespace debian

Name singularity-container

Version 0

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.5.2-1

Latest_non_vulnerable_version 4.1.5+ds4-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-96qz-zbn5-n3ar

vulnerability_id VCID-96qz-zbn5-n3ar

summary

Incorrect Permission Assignment for Critical Resource in Singularity
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11328

reference_id

reference_type

scores

value	0.00606
scoring_system	epss
scoring_elements	0.69674
published_at	2026-04-18T12:55:00Z

value	0.00606
scoring_system	epss
scoring_elements	0.69655
published_at	2026-04-21T12:55:00Z

value	0.00606
scoring_system	epss
scoring_elements	0.69665
published_at	2026-04-16T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74454
published_at	2026-04-09T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74447
published_at	2026-04-13T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74457
published_at	2026-04-12T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74398
published_at	2026-04-01T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74402
published_at	2026-04-02T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74429
published_at	2026-04-04T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74404
published_at	2026-04-07T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74437
published_at	2026-04-08T12:55:00Z

value	0.00824
scoring_system	epss
scoring_elements	0.74476
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11328

reference_url

https://github.com/sylabs/singularity/commit/618c9d56802399adb329c23ea2b70598eaff4a31

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sylabs/singularity/commit/618c9d56802399adb329c23ea2b70598eaff4a31

reference_url

https://github.com/sylabs/singularity/releases/tag/v3.2.0

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sylabs/singularity/releases/tag/v3.2.0

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11328

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11328

reference_url

http://www.openwall.com/lists/oss-security/2019/05/16/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/05/16/1

reference_url

http://www.securityfocus.com/bid/108360

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/108360

fixed_packages

url	pkg:deb/debian/singularity-container@0?distro=sid
purl	pkg:deb/debian/singularity-container@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@0%3Fdistro=sid

url	pkg:deb/debian/singularity-container@4.1.5%2Bds4-1?distro=sid
purl	pkg:deb/debian/singularity-container@4.1.5%2Bds4-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@4.1.5%252Bds4-1%3Fdistro=sid

aliases CVE-2019-11328, GHSA-557g-r22w-9wvx

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96qz-zbn5-n3ar

url VCID-qmeu-u8p6-9bcp

vulnerability_id VCID-qmeu-u8p6-9bcp

summary

A vulnerability in Singularity could result in remote code
    execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32635

reference_id

reference_type

scores

value	0.00632
scoring_system	epss
scoring_elements	0.70273
published_at	2026-04-01T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.7028
published_at	2026-04-07T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70303
published_at	2026-04-04T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70286
published_at	2026-04-02T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70368
published_at	2026-04-21T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70388
published_at	2026-04-18T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70379
published_at	2026-04-16T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70335
published_at	2026-04-13T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70349
published_at	2026-04-12T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70364
published_at	2026-04-11T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.7034
published_at	2026-04-09T12:55:00Z

value	0.00632
scoring_system	epss
scoring_elements	0.70326
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32635

reference_url

https://github.com/hpcng/singularity/security/advisories/GHSA-jq42-hfch-42f3

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/hpcng/singularity/security/advisories/GHSA-jq42-hfch-42f3

reference_url

https://github.com/sylabs/singularity

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/sylabs/singularity

reference_url

https://github.com/sylabs/singularity/commit/d52ae9d13979733c5e987a566fae59ed6f1bf796

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/sylabs/singularity/commit/d52ae9d13979733c5e987a566fae59ed6f1bf796

reference_url

https://github.com/sylabs/singularity/releases/tag/v3.7.4

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/sylabs/singularity/releases/tag/v3.7.4

reference_url

https://github.com/sylabs/singularity/security/advisories/GHSA-5mv9-q7fq-9394

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/sylabs/singularity/security/advisories/GHSA-5mv9-q7fq-9394

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-32635

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-32635

reference_url

https://security.gentoo.org/glsa/202107-50

reference_id

GLSA-202107-50

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202107-50

fixed_packages

url	pkg:deb/debian/singularity-container@0?distro=sid
purl	pkg:deb/debian/singularity-container@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@0%3Fdistro=sid

url	pkg:deb/debian/singularity-container@4.1.5%2Bds4-1?distro=sid
purl	pkg:deb/debian/singularity-container@4.1.5%2Bds4-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@4.1.5%252Bds4-1%3Fdistro=sid

aliases CVE-2021-32635, GHSA-5mv9-q7fq-9394

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmeu-u8p6-9bcp

url VCID-uakh-v3bf-77cq

vulnerability_id VCID-uakh-v3bf-77cq

summary Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-33027

reference_id

reference_type

scores

value	0.00607
scoring_system	epss
scoring_elements	0.69593
published_at	2026-04-01T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69606
published_at	2026-04-02T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69622
published_at	2026-04-04T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.696
published_at	2026-04-07T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69651
published_at	2026-04-08T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69668
published_at	2026-04-09T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.6969
published_at	2026-04-11T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69675
published_at	2026-04-12T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.6966
published_at	2026-04-13T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69701
published_at	2026-04-16T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.6971
published_at	2026-04-18T12:55:00Z

value	0.00607
scoring_system	epss
scoring_elements	0.69691
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-33027

fixed_packages

url	pkg:deb/debian/singularity-container@0?distro=sid
purl	pkg:deb/debian/singularity-container@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@0%3Fdistro=sid

url	pkg:deb/debian/singularity-container@4.1.5%2Bds4-1?distro=sid
purl	pkg:deb/debian/singularity-container@4.1.5%2Bds4-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@4.1.5%252Bds4-1%3Fdistro=sid

aliases CVE-2021-33027

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uakh-v3bf-77cq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/singularity-container@0%3Fdistro=sid

Package Instance