VulnerableCode Package Details - pkg:deb/debian/singularity-container@0?distro=sid

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-96qz-zbn5-n3ar	Incorrect Permission Assignment for Critical Resource in Singularity An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.	CVE-2019-11328 GHSA-557g-r22w-9wvx
VCID-qmeu-u8p6-9bcp	A vulnerability in Singularity could result in remote code execution.	CVE-2021-32635 GHSA-5mv9-q7fq-9394
VCID-uakh-v3bf-77cq	Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.	CVE-2021-33027

Vulnerability

Summary

Aliases

VCID-96qz-zbn5-n3ar

Incorrect Permission Assignment for Critical Resource in Singularity An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.

CVE-2019-11328
GHSA-557g-r22w-9wvx

VCID-qmeu-u8p6-9bcp

A vulnerability in Singularity could result in remote code execution.

CVE-2021-32635
GHSA-5mv9-q7fq-9394

VCID-uakh-v3bf-77cq

Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.

CVE-2021-33027

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:25:53.462938+00:00	Debian Importer	Fixing	VCID-96qz-zbn5-n3ar	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:17:50.500149+00:00	Debian Importer	Fixing	VCID-uakh-v3bf-77cq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:52:44.100636+00:00	Debian Importer	Fixing	VCID-qmeu-u8p6-9bcp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:47:16.544316+00:00	Debian Importer	Fixing	VCID-96qz-zbn5-n3ar	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:41:10.476509+00:00	Debian Importer	Fixing	VCID-uakh-v3bf-77cq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:36:26.911215+00:00	Debian Importer	Fixing	VCID-qmeu-u8p6-9bcp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:52:58.777781+00:00	Debian Importer	Fixing	VCID-uakh-v3bf-77cq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:58.757387+00:00	Debian Importer	Fixing	VCID-qmeu-u8p6-9bcp	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:58.547642+00:00	Debian Importer	Fixing	VCID-96qz-zbn5-n3ar	https://security-tracker.debian.org/tracker/data/json	38.1.0