6 matches found
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2015-1839 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2015-1839 Source advisory: OSV:PYSEC-2017-30...
CVE-2015-1839
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...
CVE-2015-1839
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...
CVE-2015-1839
CVE-2015-1839 affects SaltStack (Salt) due to insecure handling of files in /tmp in the module salt/modules/chef.py, specifically in versions before 2014.7.4. The vulnerability stems from improper /tmp handling, allowing an attacker to alter a specified file (per CNVD entry) and is documented acr...
CVE-2015-1839
Removed by vendor...
Fedora 23 : salt-2015.5.8-1.fc23 (2016-105b3b8804)
Update to bugfix release 2015.5.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...