2 matches found
PT-2021-7513 · Saltstack +3 · Saltstack Salt +3
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: An issue was discovered in SaltStack Salt, where the salt.wheel.pillar roots.write method is vulnerable to directory traversal. This vulnerability is related to incorrect restriction of the...
PT-2021-5491 · Saltstack +3 · Saltstack Salt +3
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to insufficient argument checking in the salt.utils.thin.gen thin function, allowing for command injection when crafted web requests are sent to the Salt API. This is d...