SUSE SLES12 Security Update : salt (SUSE-SU-2022:1051-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1051-1 advisory. - An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with th...

CVE-2022-22934

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

PYSEC-2022-171

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

PT-2022-15743 · Saltstack +2 · Saltstack Salt +2

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.8 SaltStack Salt versions prior to 3003.4 SaltStack Salt versions prior to 3004.1 Description: An issue in SaltStack Salt allows a man-in-the-middle MiTM attacker to impersonate a master and cause a minio...

PT-2022-15742 · Saltstack +2 · Saltstack Salt +2

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.8 SaltStack Salt versions prior to 3003.4 SaltStack Salt versions prior to 3004.1 Description: An issue was discovered in SaltStack Salt where Salt Masters do not sign pillar data with the minion’s public...

CVE-2022-22934

Removed by vendor...