Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-551aed076e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS6.8AI score0.00982EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/07/29 12:0 a.m.8 views

SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2025:02534-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02534-1 advisory. - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability t...

9.6CVSS7.3AI score0.00982EPSS
Exploits0References38
SUSE Linux
SUSE Linux
added 2025/07/23 1:41 p.m.2 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
OSV
OSV
added 2025/07/23 12:37 p.m.4 views

SUSE-SU-2025:02476-1 Security update 4.3.16 for Multi-Linux Manager Server

This update fixes the following issues: release-notes-susemanager: - Update to SUSE Manager 4.3.16 Important Salt Security Update Added support for SUSE Linux Enterprise 15 SP7 as a client using the Salt Bundle CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2024-38824, CVE-2025-22239 CVE-2025-2223...

9.8CVSS5.8AI score0.10353EPSS
Exploits1References73
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.15 views

Fedora 42 : salt (2025-a5d73a0399)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a5d73a0399 advisory. - Resolves CVE-2024-38824 RHBZ2372731 - Resolves CVE-2024-38824 RHBZ2372733 - Resolves CVE-2025-22239 RHBZ2372732 - Resolves CVE-2025-22239...

9.6CVSS5.5AI score0.00982EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/06/13 6:19 p.m.6 views

CVE-2025-22236

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

8.1CVSS7.9AI score0.00149EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/06/13 9:30 a.m.8 views

heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +9 more potentially affected by CVE-2025-22236 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...

8.1CVSS7.2AI score0.00149EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/13 7:43 a.m.7 views

heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +9 more potentially affected by CVE-2025-22236 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...

8.1CVSS7.2AI score0.00149EPSS
Exploits0
NVD
NVD
added 2025/06/13 7:15 a.m.9 views

CVE-2025-22236

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

8.1CVSS0.00149EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/06/13 7:15 a.m.4 views

CVE-2025-22236

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

8.1CVSS7.4AI score0.00149EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/06/13 7:15 a.m.4 views

CVE-2025-22236

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

8.1CVSS5.9AI score0.00149EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/13 6:53 a.m.5 views

CVE-2025-22236 CVE-2025-22236 salt advisory

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

8.1CVSS7.2AI score0.00149EPSS
Exploits0References2
CVE
CVE
added 2025/06/13 6:53 a.m.115 views

CVE-2025-22236

CVE-2025-22236 concerns Salt minion: an attacker with a minion key could craft a message to trigger a job on other minions via the minion event bus authorization bypass. Technical details in connected sources show this affects Salt Minion components (v3xxx series with 3007.0+ listed as affected) ...

8.1CVSS8.1AI score0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/13 6:53 a.m.19 views

CVE-2025-22236 CVE-2025-22236 salt advisory

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

8.1CVSS0.00149EPSS
Exploits0References2
Rows per page
Query Builder