4 matches found
PYSEC-2026-529 Salt vulnerable to directory traversal attack in file receiving method
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
Advisory ROSA-SA-2025-2988
software: salt 3006.3 WASP: ROSA-CHROME unaffected versions = salt-3006.3-2 affected versions salt-3006.3-2 CVE-ID: CVE-2024-38824 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A directory traversal vulnerability in recvfile allows an attacker to write arbitrary files to the master cache directory...
UBUNTU-CVE-2024-38824
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
CVE-2024-38824
CVE-2024-38824 is a directory traversal vulnerability in the recv_file method that allows writing arbitrary files into the Salt master cache directory. Public references in multiple advisories (SUSE openSUSE/SUSE-SU-2025-02501/-02492/-02476, SUSE-2025-02492, -02500, -02502) confirm the flaw affec...