Lucene search
GoogleOSV:CVE-2021-29499HistoryMay 07, 2021 - 9:15 p.m.
CVE-2021-29499
2021-05-0721:15:07
Google
osv.dev
4
cve-2021-29499
singularity container image format
siftool
uuid
github.com/satori/go.uuid
patch
version v1.2.3
createinfo struct
vulnerability
software
SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. A patch is available in version >= v1.2.3 of the module. Users are encouraged to upgrade. As a workaround, users passing CreateInfo struct should ensure the ID field is generated using a version of github.com/satori/go.uuid that is not vulnerable to this issue.
Related
prion
prion
Command injection
2021-05-07 21:15:00
github
github
Predictable SIF UUID Identifiers in github.com/sylabs/sif
2021-05-18 18:30:38
cve
cve
CVE-2021-29499
2021-05-07 21:15:07
osv
osv
Predictable SIF UUID Identifiers in github.com/sylabs/sif
2024-08-21 15:29:08
Predictable SIF UUID Identifiers in github.com/sylabs/sif
2021-05-18 18:30:38
cvelist
cvelist
CVE-2021-29499 Predictable SIF UUID Identifiers
2021-05-07 20:50:09
nvd
nvd
CVE-2021-29499
2021-05-07 21:15:07
debiancve
debiancve
CVE-2021-29499
2021-05-07 21:15:07
ubuntucve
ubuntucve
CVE-2021-29499
2021-05-07 00:00:00