Lucene search
K

52 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

openSUSE 16 Security Update : salt (openSUSE-SU-2026:20918-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20918-1 advisory. Security fixes: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554 Tenable has...

8.7CVSS5.5AI score0.00375EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 9:30 a.m.5 views

OPENSUSE-SU-2026:20918-1 Security update for salt

This update for salt fixes the following issues: Security fixes: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554 Other changes in salt: - Use non vendored tornado with Python 3.11 bsc1257583, bsc1259700 - Harden Tornado fro...

8.7CVSS7.3AI score0.00375EPSS
Exploits0References7
OSV
OSV
added 2026/03/25 10:16 a.m.5 views

SUSE-SU-2026:1028-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References12
OSV
OSV
added 2026/03/24 6:24 a.m.3 views

OPENSUSE-SU-2026:20412-1 Security update for salt

This update for salt fixes the following issues: Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fixed HTTP header parameter parsing algorithm...

7.5CVSS5.9AI score0.01525EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/01/30 6:59 p.m.5 views

CVE-2025-62349

Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to prior issues...

7.5CVSS5.9AI score0.00407EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/12/23 9:11 a.m.5 views

OPENSUSE-SU-2026:20000-1 Security update for salt

This update for salt fixes the following issues: Changes in salt: - Add minimumauthversion to enforce security CVE-2025-62349 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 - Junos module yaml loader fix CVE-2025-62348 - Require Python dependencies onl...

7.8CVSS5.8AI score0.00407EPSS
Exploits0References8
OSV
OSV
added 2025/12/18 12:9 p.m.4 views

SUSE-SU-2025:4477-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-90...

7.8CVSS5.8AI score0.00407EPSS
Exploits0References11
OSV
OSV
added 2025/12/18 12:8 p.m.7 views

SUSE-SU-2025:4476-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-90...

7.8CVSS5.8AI score0.00407EPSS
Exploits0References11
SUSE Linux
SUSE Linux
added 2025/07/23 12:37 p.m.7 views

Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16 CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809 Bugs mentioned: bsc1236601, bsc1236635, bsc1236779, bsc1237294, bsc1238922 bsc1239826, bsc1240386, bsc1242004, bsc1243460,...

9.8CVSS6.8AI score0.10353EPSS
Exploits1References148
OSV
OSV
added 2025/07/23 12:37 p.m.3 views

SUSE-SU-2025:02476-1 Security update 4.3.16 for Multi-Linux Manager Server

This update fixes the following issues: release-notes-susemanager: - Update to SUSE Manager 4.3.16 Important Salt Security Update Added support for SUSE Linux Enterprise 15 SP7 as a client using the Salt Bundle CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2024-38824, CVE-2025-22239 CVE-2025-2223...

9.8CVSS5.8AI score0.10353EPSS
Exploits1References73
CNNVD
CNNVD
added 2025/06/13 12:0 a.m.2 views

Salt 安全漏洞

Salt is an automation, infrastructure management, data-driven orchestration and remote execution application from the Salt project. Salt has a security vulnerability that stems from vulnerability to replay attacks when TLS encrypted transmissions are not used...

2.7CVSS6.6AI score0.00214EPSS
Exploits0References3
OSV
OSV
added 2024/06/15 12:0 a.m.2 views

OPENSUSE-SU-2024:12154-1 python3-salt-3004-7.1 on GA media

These are all security issues fixed in the python3-salt-3004-7.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS8.8AI score0.01878EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.9 views

OPENSUSE-SU-2024:11364-1 python3-salt-3002.2-6.1 on GA media

These are all security issues fixed in the python3-salt-3002.2-6.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS8AI score0.96405EPSS
Exploits35References15
OSV
OSV
added 2023/11/09 2:33 a.m.3 views

SUSE-SU-2023:4386-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack bsc1215157 Bugs fixed: - Fix optimizationorder opt to prevent testsuite fails - Improve salt.utils.json.findjson to avoid fails bsc1213293 - Use salt-call from sal...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References6
OSV
OSV
added 2023/08/02 7:13 a.m.2 views

SUSE-SU-2023:3131-1 Security update for salt

This update for salt fixes the following issues: Security fixes: - CVE-2023-28370: Fix an open redirect vulnerability in 'StaticFileHandler' under certain configurations bsc1211741 Bug fixes: - Prevent error loading 'knownhosts' when '$HOME' is not set bsc1210994 - Fix ModuleNotFoundError and oth...

6.1CVSS6.3AI score0.01132EPSS
Exploits0References5
OSV
OSV
added 2023/06/21 11:54 a.m.3 views

SUSE-SU-2023:2581-1 Security update for salt

This update for salt fixes the following issues: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add python3-looseversion as new dependency...

7.2AI score
Exploits0References7
OSV
OSV
added 2023/06/21 11:35 a.m.5 views

SUSE-SU-2023:2572-1 Security update for salt

This update for salt fixes the following issues: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add python3-looseversion as new dependency...

7.2AI score
Exploits0References7
OSV
OSV
added 2023/06/21 11:27 a.m.2 views

SUSE-SU-2023:2571-1 Security update for Salt

This update for salt fixes the following issues: salt: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add python3-looseversion as new...

7.2AI score
Exploits0References7
OSV
OSV
added 2022/07/04 10:6 a.m.9 views

SUSE-SU-2022:2253-1 Security update for salt

This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAMACCTMGM return value that could be used to bypass authentication when using PAM bsc1200566...

8.8CVSS8.8AI score0.01878EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2022/04/07 1:46 p.m.341 views

SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

A server-side request forgery SSRF flaw in an API of a large financial technology fintech platform potentially could have compromised millions of bank customers, allowing attackers to defraud clients by controlling their bank accounts and funds, researchers have found. A team at Salt Security’s...

9.1AI score
Exploits0References6
Rows per page
Query Builder