13 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-25283
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
SUSE CVE-2021-25283
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
GHSA-XGMH-GFXW-2HVV SaltStack Salt Server Side Template Injection
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
SUSE: Security Advisory (SUSE-SU-2021:3553-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:3550-1 Security update for Salt
This update fixes the following issues: salt: - Fix the regression of dockercontainer state module - Support querying for JSON data in external sql pillar - Exclude the full path of a download URL to prevent injection of malicious code bsc1190265 CVE-2021-21996 - Fix wrong relative paths resoluti...
Server Side Template Injection
salt is vulnerable to server side template injection. Lack of protection against server-side template injection in jinja renderer allows an attacker to inject and execute malicious code...
Sql injection
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
CVE-2021-25283
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
PYSEC-2021-52
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
UBUNTU-CVE-2021-25283
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
CVE-2021-25283
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks...
SaltStack Salt Code Injection Vulnerability
SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A code injection vulnerability exists in SaltStack Salt versions prior to Salt 3002.5 that stems from a failure of t...
PT-2021-5498 · Saltstack +3 · Saltstack Salt +3
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: An issue was discovered in SaltStack Salt where the jinja renderer does not protect against server-side template injection attacks. This could allow a remote attacker to execute arbitrary...