10 matches found
Fedora: Security Advisory (FEDORA-2025-551aed076e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2025:02534-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02534-1 advisory. - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability t...
Security update for salt
This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...
SUSE-SU-2025:02476-1 Security update 4.3.16 for Multi-Linux Manager Server
This update fixes the following issues: release-notes-susemanager: - Update to SUSE Manager 4.3.16 Important Salt Security Update Added support for SUSE Linux Enterprise 15 SP7 as a client using the Salt Bundle CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2024-38824, CVE-2025-22239 CVE-2025-2223...
Fedora 42 : salt (2025-a5d73a0399)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a5d73a0399 advisory. - Resolves CVE-2024-38824 RHBZ2372731 - Resolves CVE-2024-38824 RHBZ2372733 - Resolves CVE-2025-22239 RHBZ2372732 - Resolves CVE-2025-22239...
heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +9 more potentially affected by CVE-2025-22239 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...
CVE-2025-22239
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
UBUNTU-CVE-2025-22239
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
CVE-2025-22239 CVE-2025-22239 salt advisory
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
CVE-2025-22239
CVE-2025-22239 – Salt Master event injection : The Salt Master’s _minion_event method can be abused by an authorized minion to push arbitrary events onto the master's event bus, enabling potential impact on integrity and confidentiality (I, C) with low availability impact. The advisory notes this...