aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-62348 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

CVE-2022-0652

Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710...

EUVD-2018-0930

Malware in sbrugna...

EUVD-2017-15747

Malware in sbrugna...

EUVD-2017-15831

Malware in sbrugna...

EUVD-2017-15749

Malware in sbrugna...

EUVD-2024-18104

Malicious code in bioql PyPI...

EUVD-2022-26012

Malicious code in bioql PyPI...

EUVD-2024-18041

Malicious code in bioql PyPI...

EUVD-2021-7039

Malicious code in bioql PyPI...

EUVD-2022-25905

Malicious code in bioql PyPI...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-22237 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38822 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-22240 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

CVE-2022-20655

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this...

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVE-2024-20389

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVE-2022-20655

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this...