Lucene search
+L

23 matches found

nessus
nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-25282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal. CVE-2021-25282 No...

9.1CVSS7.2AI score0.92312EPSS
Exploits5References2
openvas
openvas
added 2024/08/09 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-6948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.99585EPSS
Exploits13References4
vulnersosv
vulnersosv
added 2022/05/24 5:43 p.m.9 views

elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2021-25282 via salt (=2014.1.10)

salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2021-25282 Source advisory: OSV:GHSA-76X4-X3P6-RPR9...

9.1CVSS7.2AI score0.92312EPSS
Exploits5
debian
debian
added 2022/01/03 8:17 p.m.131 views

[SECURITY] [DLA 2480-2] salt regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2480-2 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler January 03, 2022 https://wiki.debian.org/LTS -...

9.8CVSS8.1AI score0.99585EPSS
Exploits12
openvas
openvas
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2021:0630-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
openvas
openvas
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2021:14650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.92312EPSS
Exploits8References15
openvas
openvas
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:14682-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
checkpoint_advisories
checkpoint_advisories
added 2021/04/25 12:0 a.m.16 views

SaltStack Salt Method Directory Traversal (CVE-2021-25282)

A directory traversal vulnerability exists in the WheelClient for Salt API, a component of SaltStack Salt. The vulnerability is due to improper validation of user-supplied in the pillarroots.write method...

6.4CVSS3.7AI score0.92312EPSS
Exploits5
openvas
openvas
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:0628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.92312EPSS
Exploits8References15
openvas
openvas
added 2021/04/19 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2021:0631-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.92312EPSS
Exploits8References15
openvas
openvas
added 2021/03/20 12:0 a.m.20 views

Fedora: Security Advisory for salt (FEDORA-2021-43eb5584ad)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
nessus
nessus
added 2021/03/03 12:0 a.m.36 views

Fedora 32 : salt (2021-904a2dbc0c)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-904a2dbc0c advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name...

9.8CVSS7.1AI score0.92312EPSS
Exploits8References11
openvas
openvas
added 2021/03/03 12:0 a.m.22 views

Fedora: Security Advisory for salt (FEDORA-2021-904a2dbc0c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.92312EPSS
Exploits8References2
nessus
nessus
added 2021/03/01 12:0 a.m.34 views

openSUSE Security Update : salt (openSUSE-2021-347)

This update for salt fixes the following issues : - Fix regression on cmd.run when passing tuples as cmd bsc1182740 - Allow extrafilerefs as sanitized kwargs for SSH client - Fix errors with virt.update - Fix for multiple for security issues CVE-2020-28243 CVE-2020-28972 CVE-2020-35662...

9.8CVSS6.9AI score0.92312EPSS
Exploits8References22
nvd
nvd
added 2021/02/27 5:15 a.m.19 views

CVE-2021-25282

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal...

9.1CVSS0.92312EPSS
Exploits5References11
ubuntucve
ubuntucve
added 2021/02/27 5:15 a.m.34 views

CVE-2021-25282

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal...

9.1CVSS7.2AI score0.92312EPSS
Exploits5References4
cve
cve
added 2021/02/27 12:0 a.m.320 views

CVE-2021-25282

CVE-2021-25282 affects SaltStack Salt prior to 3002.5, where the salt.wheel.pillar_roots.write method is vulnerable to directory traversal in the Salt API wheelClient. This can allow writing to subdirectories via pillar_roots.write. Debian and Fedora advisories indicate patches and upgrades to Sa...

9.1CVSS9.1AI score0.92312EPSS
Exploits5References11Affected Software1
nessus
nessus
added 2021/02/27 12:0 a.m.63 views

Photon OS 3.0: Salt3 PHSA-2021-3.0-0200

An update of the salt3 package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0200. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid146874;...

9.8CVSS8AI score0.92312EPSS
Exploits8References9
nessus
nessus
added 2021/02/27 12:0 a.m.59 views

Photon OS 1.0: Salt3 PHSA-2021-1.0-0364

An update of the salt3 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0364. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid146877...

9.8CVSS7.7AI score0.92312EPSS
Exploits8References11
redhatcve
redhatcve
added 2021/02/26 7:3 p.m.31 views

CVE-2021-25282

A flaw was found in salt. The salt.wheel.pillarroots.write method is vulnerable to directory traversal...

9.1CVSS3.3AI score0.92312EPSS
Exploits5References3
Rows per page
Query Builder