3 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-38825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by...
GHSA-4J59-VV55-Q6H3 Salt's salt.auth.pki module does not properly authenticate callers
The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...
UBUNTU-CVE-2021-25284
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...