SUSE CVE-2020-16846

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection...

SUSE CVE-2020-17490

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions...

SUSE CVE-2020-25592

In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH...

SUSE CVE-2020-28243

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory...

SUSE CVE-2020-35662

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated...

SUSE CVE-2021-3148

An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.genthin command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py...

SUSE CVE-2021-3197

An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via sshoptions provided in an API request...

SUSE CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

SUSE CVE-2021-25283

An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...

SUSE CVE-2021-31607

In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff...

SUSE CVE-2022-22935

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

SUSE CVE-2022-22936

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...

SUSE CVE-2022-22941

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

SUSE CVE-2022-22967

An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.242)

The version of AHV installed on the remote host is prior to 20220304.242. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.242 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - In Expat aka...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.2286)

The version of AHV installed on the remote host is prior to 20201105.2286. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.2286 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - In Expat ak...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.30281)

The version of AHV installed on the remote host is prior to 20201105.30281. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.30281 advisory. - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSER...

SUSE SLES15 Security Update : salt (SUSE-SU-2022:2278-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2278-1 advisory. - An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allow...

SUSE SLES15 Security Update : salt (SUSE-SU-2022:2253-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2253-1 advisory. - An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allow...

CVE-2022-2282

Removed by vendor...