6 matches found
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2015-4017 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2015-4017 Source advisory: OSV:GHSA-8J9G-C9RP-JVG4...
CVE-2015-4017
Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules...
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2015-4017 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2015-4017 Source advisory: OSV:PYSEC-2017-31...
CVE-2015-4017
CVE-2015-4017 describes a vulnerability in Salt prior to 2014.7.6 where certificate verification is not performed when Salt connects via the aliyun, proxmox, and splunk modules. According to the connected SUSE/OSV records, the issue centers on Salt’s failure to validate certificates, potentially ...
CVE-2015-4017
Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules...
CVE-2015-4017
Removed by vendor...