) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:wisc:htcondor:7.8.2:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-45101 |
An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data. Published: December 16, 2021; 12:15:08 AM -0500 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 5.5 MEDIUM |
| CVE-2014-8126 |
The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code. Published: January 31, 2020; 5:15:10 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
| CVE-2012-3490 |
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors. Published: January 09, 2020; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 9.0 HIGH |
| CVE-2017-16816 |
The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions. Published: July 05, 2018; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |