Vulnerabilities in salt for arbitrary code execution, command execution, and token retrieval fixed in versions 2016.11.2+ds-1+deb9u3 and 2018.3.4+dfsg1-6+deb10u1
Reporter | Title | Published | Views | Family All 145 |
---|---|---|---|---|
OSV | salt - security update | 6 May 202000:00 | – | osv |
OSV | salt - security update | 29 May 202000:00 | – | osv |
OSV | salt - security update | 7 May 202000:00 | – | osv |
OSV | salt vulnerabilities | 25 Jun 202419:30 | – | osv |
OSV | PYSEC-2020-177 | 17 Jan 202002:15 | – | osv |
OSV | CVE-2019-17361 | 17 Jan 202002:15 | – | osv |
OSV | SaltStack Salt is vulnerable to command injection | 24 May 202217:06 | – | osv |
OSV | SaltStack Salt is vulnerable Arbitrary Directory Access | 24 May 202217:16 | – | osv |
OSV | CVE-2020-11652 | 30 Apr 202017:15 | – | osv |
OSV | CVE-2020-11651 | 30 Apr 202017:15 | – | osv |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 9 | all | salt-cloud | 2016.11.2+ds-1+deb9u3 | salt-cloud_2016.11.2+ds-1+deb9u3_all.deb |
Debian | 9 | all | salt-master | 2016.11.2+ds-1+deb9u4 | salt-master_2016.11.2+ds-1+deb9u4_all.deb |
Debian | 9 | all | salt-doc | 2016.11.2+ds-1+deb9u3 | salt-doc_2016.11.2+ds-1+deb9u3_all.deb |
Debian | 10 | all | salt-api | 2018.3.4+dfsg1-6+deb10u1 | salt-api_2018.3.4+dfsg1-6+deb10u1_all.deb |
Debian | 9 | all | salt-ssh | 2016.11.2+ds-1+deb9u4 | salt-ssh_2016.11.2+ds-1+deb9u4_all.deb |
Debian | 9 | all | salt-ssh | 2016.11.2+ds-1+deb9u3 | salt-ssh_2016.11.2+ds-1+deb9u3_all.deb |
Debian | 8 | all | salt-master | 2014.1.13+ds-3+deb8u1 | salt-master_2014.1.13+ds-3+deb8u1_all.deb |
Debian | 8 | all | salt-minion | 2014.1.13+ds-3+deb8u1 | salt-minion_2014.1.13+ds-3+deb8u1_all.deb |
Debian | 9 | all | salt-minion | 2016.11.2+ds-1+deb9u4 | salt-minion_2016.11.2+ds-1+deb9u4_all.deb |
Debian | 9 | all | salt-cloud | 2016.11.2+ds-1+deb9u4 | salt-cloud_2016.11.2+ds-1+deb9u4_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo