[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-13845":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":43,"aliases":44,"duplicate_of":9,"upstream":46,"downstream":47,"duplicates":58,"related":59,"reserved_at":9,"published_at":64,"modified_at":65,"state":66,"summary":67,"references_raw":76,"kevs":110,"epss":111,"epss_history":114,"metrics":377,"affected":389},"CVE-2020-13845","Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather than to a cryptographically validated signature.",null,[11,27],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-347","Improper Verification of Cryptographic Signature","The product does not verify, or incorrectly verifies, the cryptographic signature for data.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-463","Padding Oracle Crypto Attack",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],{"_key":28,"id":28,"name":29,"description":30,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":31,"capec":32},"CWE-354","Improper Validation of Integrity Check Value","The product does not validate or incorrectly validates the integrity check values or \"checksums\" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.","Medium",[33,37,39],{"id":34,"name":35,"techniques":36},"CAPEC-145","Checksum Spoofing",[],{"id":20,"name":21,"techniques":38},[],{"id":40,"name":41,"techniques":42},"CAPEC-75","Manipulating Writeable Configuration Files",[],[],[45],"GHSA-pmfr-63c2-jr5c",[],[48,50,52,54,56],{"_key":49},"OPENSUSE-SU-2020:1100-1",{"_key":51},"OPENSUSE-SU-2020:1011-1",{"_key":53},"OPENSUSE-SU-2020:1037-1",{"_key":55},"OPENSUSE-SU-2024:11384-1",{"_key":57},"UBUNTU-CVE-2020-13845",[],[60,61,62,63],{"_key":49},{"_key":51},{"_key":53},{"_key":55},"2020-07-14T17:23:08.000Z","2024-08-04T12:32:13.057Z","Modified",{"cisa_kev":68,"cisa_ransomware":68,"cisa_vendor":9,"epss_severity":69,"epss_score":70,"severity":71,"severity_score":72,"severity_version":73,"severity_source":74,"severity_vector":75,"severity_status":66},false,"low",0.00079,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",[77,86,90,97,101,105],{"url":78,"sources":79,"tags":82},"https://medium.com/sylabs",[80,74,81],"cve.org","osv_go",[83,84,85],"X Refsource MISC","Third Party Advisory","WEB",{"url":87,"sources":88,"tags":89},"https://github.com/hpcng/singularity/security/advisories/GHSA-pmfr-63c2-jr5c",[80,74,81],[83,84,85],{"url":91,"sources":92,"tags":93},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.html",[80,74,81],[94,95,96,85],"Vendor Advisory","X Refsource SUSE","Broken Link",{"url":98,"sources":99,"tags":100},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html",[80,74,81],[94,95,96,85],{"url":102,"sources":103,"tags":104},"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html",[80,74,81],[94,95,96,85],{"url":106,"sources":107,"tags":108},"https://nvd.nist.gov/vuln/detail/CVE-2020-13845",[81],[109],"Advisory",[],{"date":112,"score":70,"percentile":113},"2026-06-04",0.23406,[115,118,121,124,127,130,133,136,139,142,145,147,150,153,156,159,162,165,168,171,174,177,180,183,186,189,192,195,198,201,204,207,209,212,215,218,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,271,273,276,279,282,285,288,291,294,297,300,303,305,308,311,313,316,319,321,324,327,330,333,336,338,341,344,347,350,353,356,359,362,365,368,371,374],{"date":116,"score":70,"percentile":117},"2025-11-04",0.24026,{"date":119,"score":70,"percentile":120},"2025-11-05",0.24015,{"date":122,"score":70,"percentile":123},"2025-11-06",0.24022,{"date":125,"score":70,"percentile":126},"2025-11-07",0.24028,{"date":128,"score":70,"percentile":129},"2025-11-08",0.24014,{"date":131,"score":70,"percentile":132},"2025-11-09",0.23963,{"date":134,"score":70,"percentile":135},"2025-11-10",0.23919,{"date":137,"score":70,"percentile":138},"2025-11-11",0.23934,{"date":140,"score":70,"percentile":141},"2025-11-12",0.23969,{"date":143,"score":70,"percentile":144},"2025-11-13",0.23972,{"date":146,"score":70,"percentile":132},"2025-11-14",{"date":148,"score":70,"percentile":149},"2025-11-15",0.23949,{"date":151,"score":70,"percentile":152},"2025-11-16",0.23899,{"date":154,"score":70,"percentile":155},"2025-11-17",0.23858,{"date":157,"score":70,"percentile":158},"2025-11-18",0.19555,{"date":160,"score":70,"percentile":161},"2025-11-19",0.19579,{"date":163,"score":70,"percentile":164},"2025-11-20",0.19562,{"date":166,"score":70,"percentile":167},"2025-11-21",0.23803,{"date":169,"score":70,"percentile":170},"2025-11-22",0.238,{"date":172,"score":70,"percentile":173},"2025-11-23",0.23753,{"date":175,"score":70,"percentile":176},"2025-11-24",0.23718,{"date":178,"score":70,"percentile":179},"2025-11-25",0.23706,{"date":181,"score":70,"percentile":182},"2025-11-26",0.2369,{"date":184,"score":70,"percentile":185},"2025-11-27",0.23689,{"date":187,"score":70,"percentile":188},"2025-11-28",0.2367,{"date":190,"score":70,"percentile":191},"2025-11-29",0.23653,{"date":193,"score":70,"percentile":194},"2025-11-30",0.23646,{"date":196,"score":70,"percentile":197},"2025-12-01",0.23682,{"date":199,"score":70,"percentile":200},"2025-12-02",0.23699,{"date":202,"score":70,"percentile":203},"2025-12-03",0.23714,{"date":205,"score":70,"percentile":206},"2025-12-04",0.23641,{"date":208,"score":70,"percentile":185},"2025-12-05",{"date":210,"score":70,"percentile":211},"2025-12-06",0.23687,{"date":213,"score":70,"percentile":214},"2025-12-07",0.2365,{"date":216,"score":70,"percentile":217},"2025-12-08",0.2366,{"date":219,"score":70,"percentile":176},"2025-12-09",{"date":221,"score":70,"percentile":222},"2025-12-10",0.23786,{"date":224,"score":70,"percentile":225},"2025-12-11",0.23821,{"date":227,"score":70,"percentile":228},"2025-12-12",0.23837,{"date":230,"score":70,"percentile":231},"2025-12-13",0.23839,{"date":233,"score":70,"percentile":234},"2025-12-14",0.23809,{"date":236,"score":70,"percentile":237},"2025-12-15",0.23787,{"date":239,"score":70,"percentile":240},"2025-12-16",0.23807,{"date":242,"score":70,"percentile":243},"2025-12-17",0.23887,{"date":245,"score":70,"percentile":246},"2025-12-18",0.23911,{"date":248,"score":70,"percentile":249},"2025-12-19",0.23931,{"date":251,"score":70,"percentile":252},"2025-12-20",0.239,{"date":254,"score":70,"percentile":255},"2025-12-21",0.23841,{"date":257,"score":70,"percentile":258},"2025-12-22",0.23802,{"date":260,"score":70,"percentile":261},"2025-12-23",0.23777,{"date":263,"score":70,"percentile":264},"2025-12-24",0.23788,{"date":266,"score":70,"percentile":267},"2025-12-25",0.23866,{"date":269,"score":70,"percentile":270},"2025-12-26",0.23853,{"date":272,"score":70,"percentile":270},"2025-12-27",{"date":274,"score":70,"percentile":275},"2025-12-28",0.23767,{"date":277,"score":70,"percentile":278},"2025-12-29",0.23735,{"date":280,"score":70,"percentile":281},"2025-12-30",0.23719,{"date":283,"score":70,"percentile":284},"2025-12-31",0.2378,{"date":286,"score":70,"percentile":287},"2026-01-01",0.2388,{"date":289,"score":70,"percentile":290},"2026-01-02",0.23875,{"date":292,"score":70,"percentile":293},"2026-01-03",0.23854,{"date":295,"score":70,"percentile":296},"2026-01-04",0.23763,{"date":298,"score":70,"percentile":299},"2026-01-05",0.2374,{"date":301,"score":70,"percentile":302},"2026-01-06",0.23747,{"date":304,"score":70,"percentile":284},"2026-01-07",{"date":306,"score":70,"percentile":307},"2026-01-08",0.23828,{"date":309,"score":70,"percentile":310},"2026-01-09",0.23816,{"date":312,"score":70,"percentile":237},"2026-01-10",{"date":314,"score":70,"percentile":315},"2026-01-11",0.23765,{"date":317,"score":70,"percentile":318},"2026-01-12",0.23729,{"date":320,"score":70,"percentile":179},"2026-01-13",{"date":322,"score":70,"percentile":323},"2026-01-14",0.23766,{"date":325,"score":70,"percentile":326},"2026-01-15",0.2376,{"date":328,"score":70,"percentile":329},"2026-01-16",0.23793,{"date":331,"score":70,"percentile":332},"2026-01-17",0.2379,{"date":334,"score":70,"percentile":335},"2026-01-18",0.23748,{"date":337,"score":70,"percentile":200},"2026-01-19",{"date":339,"score":70,"percentile":340},"2026-01-20",0.23669,{"date":342,"score":70,"percentile":343},"2026-01-21",0.23615,{"date":345,"score":70,"percentile":346},"2026-01-22",0.23598,{"date":348,"score":70,"percentile":349},"2026-01-23",0.23683,{"date":351,"score":70,"percentile":352},"2026-01-24",0.23696,{"date":354,"score":70,"percentile":355},"2026-01-25",0.2361,{"date":357,"score":70,"percentile":358},"2026-01-26",0.23503,{"date":360,"score":70,"percentile":361},"2026-01-27",0.23492,{"date":363,"score":70,"percentile":364},"2026-01-28",0.23494,{"date":366,"score":70,"percentile":367},"2026-01-29",0.2345,{"date":369,"score":70,"percentile":370},"2026-01-30",0.23448,{"date":372,"score":70,"percentile":373},"2026-01-31",0.23445,{"date":375,"score":70,"percentile":376},"2026-02-01",0.23488,[378,387],{"source":74,"cvss_v2_0":379,"cvss_v3_0":9,"cvss_v3_1":384,"cvss_v4_0":9},{"baseScore":380,"baseSeverity":9,"vectorString":381,"impactScore":382,"exploitabilityScore":383},5,"AV:N/AC:L/Au:N/C:N/I:P/A:N",2.9,10,{"baseScore":72,"baseSeverity":385,"vectorString":75,"impactScore":386,"exploitabilityScore":383},"HIGH",6,{"source":81,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":388,"cvss_v4_0":9},{"baseScore":72,"baseSeverity":9,"vectorString":75,"impactScore":386,"exploitabilityScore":383},[390,405],{"ecosystem":391,"name":392,"vendor":393,"product":394,"cpe_part":9,"purl_type":395,"purl_namespace":393,"purl_name":394,"source":9,"versions":396},"Go","github.com/sylabs/singularity","github.com/sylabs","singularity","golang",[397],{"version":398,"is_range":399,"range_type":400,"version_start":401,"version_start_type":402,"version_end":403,"version_end_type":404,"fixed_in":9},"gte3_0_0_lt3_6_0",true,"semver","3.0.0","including","3.6.0","excluding",{"ecosystem":9,"name":394,"vendor":406,"product":394,"cpe_part":407,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":408},"sylabs","a",[409],{"version":410,"is_range":399,"range_type":411,"version_start":401,"version_start_type":402,"version_end":412,"version_end_type":402,"fixed_in":9},"gte3.0.0_lte3.5.0","cpe","3.5.0"]