| id: GO-2025-4177 |
| modules: |
| - module: github.com/sylabs/singularity |
| unsupported_versions: |
| - cve_version_range: affected at > 4.2.0-rc.1, < 4.3.5 |
| vulnerable_at: 0.0.0-20230731083700-61a3083f0c3c |
| - module: github.com/sylabs/singularity/v4 |
| non_go_versions: |
| - fixed: 4.1.11 |
| vulnerable_at: 4.3.5 |
| summary: Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity |
| cves: |
| - CVE-2025-64750 |
| ghsas: |
| - GHSA-wwrx-w7c9-rf87 |
| references: |
| - advisory: https://github.com/sylabs/singularity/security/advisories/GHSA-wwrx-w7c9-rf87 |
| - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-64750 |
| - fix: https://github.com/sylabs/singularity/commit/27882963879a7af1699fd6511c3f5f1371d80f33 |
| - fix: https://github.com/sylabs/singularity/commit/5af3e790c40593591dfc26d0692e4d4b21c29ba0 |
| - fix: https://github.com/sylabs/singularity/pull/3850 |
| - web: https://github.com/advisories/GHSA-fh74-hm69-rqjw |
| - web: https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm |
| source: |
| id: CVE-2025-64750 |
| created: 2025-12-05T21:41:31.738679774Z |
| review_status: UNREVIEWED |
