17 matches found
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2021-3144 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2021-3144 Source advisory: OSV:GHSA-W2HR-3MC8-46GH...
SUSE SLES11 Security Update : salt (SUSE-SU-2021:14650-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14650-1 advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process...
SUSE: Security Advisory (SUSE-SU-2021:14650-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:14682-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0630-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0628-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0631-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for salt (FEDORA-2021-43eb5584ad)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for salt (FEDORA-2021-904a2dbc0c)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 32 : salt (2021-904a2dbc0c)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-904a2dbc0c advisory. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name...
openSUSE Security Update : salt (openSUSE-2021-347)
This update for salt fixes the following issues : - Fix regression on cmd.run when passing tuples as cmd bsc1182740 - Allow extrafilerefs as sanitized kwargs for SSH client - Fix errors with virt.update - Fix for multiple for security issues CVE-2020-28243 CVE-2020-28972 CVE-2020-35662...
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2021-3144 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2021-3144 Source advisory: OSV:PYSEC-2021-54...
CVE-2021-3144
CVE-2021-3144 affects SaltStack Salt prior to 3002.5. The vulnerability allows eauth tokens to be used once after expiration, potentially enabling an attacker to execute commands against the salt-master or minions. In exposed advisories, the impact is remote command execution with high severity, ...
Photon OS 1.0: Salt3 PHSA-2021-1.0-0364
An update of the salt3 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0364. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid146877...
Photon OS 3.0: Salt3 PHSA-2021-3.0-0200
An update of the salt3 package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0200. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid146874;...
CVE-2021-3144
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...
Security update for salt (critical)
openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:0347-1 Rating: critical References: 1181550 1181556 1181557 1181558 1181559 1181560 1181561 1181562 1181563 1181564 1181565 1182740 Cross-References: CVE-2020-28243 CVE-2020-28972 CVE-2020-35662 CVE-2021-25281...