Fluid Attacks Database

Description

Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity Singularity ineffectively applies of selinux / apparmor LSM process labels in github.com/sylabs/singularity.

NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.

(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)

The additional affected modules and versions are: github.com/sylabs/singularity/v4 before v4.1.11.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
go	github.com/sylabs/singularity/v4	>=4.2.0-rc.1 <4.3.5 \|\| >=0 <4.1.11	4.3.5, 4.1.11
go	github.com/sylabs/singularity	-	-

Aliases

1. CVE-2025-647502. NVD-2025-647503. OSV-2025-647504. OSV-GO-2025-41775. GHSA-cgrx-mc8f-2prm6. GHSA-wwrx-w7c9-rf877. GHSA-fh74-hm69-rqjw8. GCVE-2025-647509. GHSA-wwrx-w7c9-rf87

References

1. https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm2. https://github.com/sylabs/singularity/security/advisories/GHSA-wwrx-w7c9-rf873. https://github.com/sylabs/singularity/pull/38504. https://github.com/sylabs/singularity/commit/27882963879a7af1699fd6511c3f5f1371d80f335. https://github.com/sylabs/singularity/commit/5af3e790c40593591dfc26d0692e4d4b21c29ba06. https://pkg.go.dev/vuln/GO-2025-4177

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.