
853 matches found

OSV
added 2022/03/29 5:15 p.m. | 19 views

CVE-2022-22935

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

CVSS: 3.7 | AI score: 4.6
Exploits: 0 | References: 4
NVD
added 2022/03/29 5:15 p.m. | 15 views

CVE-2022-22941

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

CVSS: 8.8 | EPSS: 0.00016
Exploits: 0 | References: 4
OSV
added 2022/03/29 5:15 p.m. | 18 views

CVE-2022-22941

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

CVSS: 8.8 | AI score: 8.9
Exploits: 0 | References: 4
UbuntuCve
added 2022/03/29 5:15 p.m. | 34 views

CVE-2022-22935

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.0007
Exploits: 0 | References: 5
Prion
added 2022/03/29 5:15 p.m. | 18 views

Code injection

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...

CVSS: 5.4 | AI score: 8.4 | EPSS: 0.00107
Exploits: 0 | References: 4 | Affected Software: 1
UbuntuCve
added 2022/03/29 5:15 p.m. | 31 views

CVE-2022-22941

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

CVSS: 8.8 | AI score: 6.9 | EPSS: 0.00016
Exploits: 0 | References: 5
PyPA
added 2022/03/29 5:15 p.m. | 4 views

PYSEC-2022-171

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.0012
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2022/03/29 5:15 p.m. | 20 views

PYSEC-2022-172

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

CVSS: 4.3 | AI score: 4.5 | EPSS: 0.0007
Exploits: 0 | References: 3
OSV
added 2022/03/29 5:15 p.m. | 0 views

UBUNTU-CVE-2022-22935

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

CVSS: 3.7 | AI score: 6.7 | EPSS: 0.0007
Exploits: 0 | References: 6
OSV
added 2022/03/29 5:15 p.m. | 0 views

UBUNTU-CVE-2022-22934

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.0012
Exploits: 0 | References: 6
OSV
added 2022/03/29 5:15 p.m. | 21 views

PYSEC-2022-174

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

CVSS: 8.8 | AI score: 3 | EPSS: 0.00016
Exploits: 0 | References: 3
UbuntuCve
added 2022/03/29 5:15 p.m. | 32 views

CVE-2022-22934

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

CVSS: 8.8 | AI score: 7 | EPSS: 0.0012
Exploits: 0 | References: 5
OSV
added 2022/03/29 5:15 p.m. | 19 views

PYSEC-2022-171

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

CVSS: 8.8 | AI score: 3.9 | EPSS: 0.0012
Exploits: 0 | References: 3
OSV
added 2022/03/29 5:15 p.m. | 28 views

PYSEC-2022-173

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...

CVSS: 8.8 | AI score: 3.2 | EPSS: 0.00107
Exploits: 0 | References: 3
Prion
added 2022/03/29 5:15 p.m. | 19 views

Authentication flaw

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

CVSS: 4.3 | AI score: 4.1 | EPSS: 0.0007
Exploits: 0 | References: 4 | Affected Software: 1
PyPA
added 2022/03/29 5:15 p.m. | 4 views

PYSEC-2022-174

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

CVSS: 8.8 | AI score: 7 | EPSS: 0.00016
Exploits: 0 | References: 3 | Affected Software: 1
PyPA
added 2022/03/29 5:15 p.m. | 4 views

PYSEC-2022-173

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.00107
Exploits: 0 | References: 3 | Affected Software: 1
Prion
added 2022/03/29 5:15 p.m. | 17 views

Design/Logic Flaw

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data...

CVSS: 5.8 | AI score: 8.5 | EPSS: 0.0012
Exploits: 0 | References: 4 | Affected Software: 1
PyPA
added 2022/03/29 5:15 p.m. | 4 views

PYSEC-2022-172

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...

CVSS: 4.3 | AI score: 7 | EPSS: 0.0007
Exploits: 0 | References: 3 | Affected Software: 1
Prion
added 2022/03/29 5:15 p.m. | 13 views

Information disclosure

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...

CVSS: 6 | AI score: 8.4 | EPSS: 0.00016
Exploits: 0 | References: 4 | Affected Software: 1