Lucene search
K

93 matches found

osv
osv
added 2026/04/21 9:24 a.m.9 views

SUSE-SU-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References18
osv
osv
added 2025/12/23 9:11 a.m.8 views

OPENSUSE-SU-2026:20000-1 Security update for salt

This update for salt fixes the following issues: Changes in salt: - Add minimumauthversion to enforce security CVE-2025-62349 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 - Junos module yaml loader fix CVE-2025-62348 - Require Python dependencies onl...

7.8CVSS5.8AI score0.00407EPSS
Exploits0References8
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2013-0039

Malware in sbrugna...

10CVSS6.1AI score0.01458EPSS
Exploits0References7
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-0038

Malware in sbrugna...

9.3CVSS6.1AI score0.01824EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3190

Malicious code in bioql PyPI...

6.7CVSS7.2AI score0.00187EPSS
Exploits0References6
osv
osv
added 2024/11/14 6:30 a.m.6 views

GHSA-4277-M35Q-7C9W Salt preflight script could be attacker controlled

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6.7AI score0.00187EPSS
Exploits0References5
github
github
added 2024/11/14 6:30 a.m.15 views

Salt preflight script could be attacker controlled

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6.7AI score0.00187EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2024/11/14 5:15 a.m.30 views

CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS0.00187EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2024/11/14 5:15 a.m.25 views

CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6.9AI score0.00187EPSS
Exploits0References2
osv
osv
added 2024/11/14 5:15 a.m.12 views

UBUNTU-CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References3
cvelist
cvelist
added 2024/11/14 4:13 a.m.34 views

CVE-2023-34049 Salt security advisory release - 2023-OCT-27

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS0.00187EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/11/14 4:13 a.m.26 views

CVE-2023-34049 Salt security advisory release - 2023-OCT-27

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6.8AI score0.00187EPSS
Exploits0References1
debiancve
debiancve
added 2024/11/14 4:13 a.m.32 views

CVE-2023-34049

Removed by vendor...

6.7CVSS7.3AI score0.00187EPSS
Exploits0
cnnvd
cnnvd
added 2024/11/14 12:0 a.m.5 views

Salt 安全漏洞

Salt is an automation, infrastructure management, data-driven orchestration, and remote execution application from the Salt project. Salt has a security vulnerability that stems from the Salt-SSH preflight option copying scripts to predictable paths to the target, which allows an attacker to forc...

6.7CVSS7.2AI score0.00187EPSS
Exploits0References1
veracode
veracode
added 2024/05/06 4:53 a.m.15 views

Man-in-the-Middle (MITM)

Salt vulnerable to Man-in-the-Middle MITM. The vulnerability is due to the absence of SSH host key validation in the default configuration of salt-ssh, which can be exploited by attackers to carry out man-in-the-middle attacks...

9.3CVSS6.6AI score0.01824EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2024/02/17 12:0 a.m.26 views

SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2024:0506-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0506-1 advisory. Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 -...

7.7CVSS6.6AI score0.0083EPSS
Exploits0References11
nessus
nessus
added 2024/02/17 12:0 a.m.25 views

SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2024:0507-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0507-1 advisory. Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 ...

7.7CVSS6.6AI score0.0083EPSS
Exploits0References11
osv
osv
added 2024/02/15 1:42 p.m.5 views

SUSE-SU-2024:0510-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 Bugs fixed: - Ensur...

7.7CVSS6AI score0.0083EPSS
Exploits0References9
osv
osv
added 2024/02/15 1:41 p.m.7 views

SUSE-SU-2024:0509-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 Bugs fixed: - Ensur...

7.7CVSS6AI score0.0083EPSS
Exploits0References9
osv
osv
added 2024/02/15 1:41 p.m.5 views

SUSE-SU-2024:0508-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 Bugs fixed: - Ensur...

7.7CVSS6AI score0.0083EPSS
Exploits0References9
Rows per page
Query Builder