Dtrudg

**Name of the Vulnerable Software and Affected Versions** Sylabs Singularity versions 3.0 through 3.5 **Description** The issue concerns a lack of support for an Integrity Check in Sylabs Singularity. Specifically, the sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file. **Recommendations** For versions 3.0 through 3.5, consider implementing additional integrity checks on SIF files to ensure their authenticity and integrity until a patch is available. As a temporary workaround, restrict the use of unverified SIF files to minimize the risk of exploitation.