PT-2021-5491 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to insufficient argument checking in the salt.utils.thin.gen thin function, allowing for command injection when crafted web requests are sent to the Salt API. This is d...

PT-2021-7513 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: An issue was discovered in SaltStack Salt, where the salt.wheel.pillar roots.write method is vulnerable to directory traversal. This vulnerability is related to incorrect restriction of the...