20 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-20898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that...
openSUSE: Security Advisory for SUSE Manager Client Tools (SUSE-SU-2023:3885-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for salt (SUSE-SU-2023:3863-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for salt (SUSE-SU-2023:3862-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2023:3862-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3862-1 advisory. Security issues fixed: - CVE-2023-20897: Fixed DOS in minion return. bsc1214796, bsc1213441 -...
SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2023:3864-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3864-1 advisory. Security issues fixed: - CVE-2023-20897: Fixed DOS in minion return. bsc1214796, bsc1213441 - CVE-2023-20898: Fixed Git Providers c...
SUSE: Security Advisory (SUSE-SU-2023:3864-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:3866-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:3865-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:3884-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2023-20897: Do not fail on bad message pack message bsc1213441 CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. bsc1214797, bsc1193948...
SUSE-SU-2023:3877-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2023-20897: Do not fail on bad message pack message bsc1213441 CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. bsc1214797, bsc1193948...
SUSE-SU-2023:3866-1 Security update for salt
This update for salt fixes the following issues: Security issues fixed: - CVE-2023-20897: Fixed DOS in minion return. bsc1214796, bsc1213441 - CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. bsc1214797, bsc1193948 Bugs...
SUSE-SU-2023:3863-1 Security update for salt
This update for salt fixes the following issues: Security issues fixed: - CVE-2023-20897: Fixed DOS in minion return. bsc1214796, bsc1213441 - CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. bsc1214797, bsc1193948 Bugs...
Fedora 37 : salt (2023-ac1aa963e4)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ac1aa963e4 advisory. Fixes for CVE-2023-20897 and CVE-2023-20898 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
CVE-2023-20898
creationtimestamp| type| source ---|---|--- 2023-09-05 14:16:57+00:00| seen| https://t.me/cibsecurity/69850...
CVE-2023-20898
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongfu...
CVE-2023-20898
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongfu...
elita (>=0.60.0 <=0.64.1), slskit (>=2020.1.1 <=2020.9.0) potentially affected by CVE-2023-20898 via salt (>=2014.1.10 <=3001.8.0)
salt PYPI version =2014.1.10, =0.60.0, =2020.1.1, =2020.9.0 Source cves: CVE-2023-20898 Source advisory: OSV:PYSEC-2023-169...
CVE-2023-20898
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongfu...
CVE-2023-20898
CVE-2023-20898 affects SaltStack Salt masters prior to 3005.2 or 3006.2. The issue arises when Git Providers with different environments read from the same cache directory base name, allowing garbage or incorrect data to be read, which can lead to data disclosure, wrongful executions, data corrup...