8 matches found
EUVD-2025-18249
Malicious code in bioql PyPI...
File Overwrite
Salt is vulnerable to File overwrite. The vulnerability is due to unvalidated input used to construct paths in the VirtKey class when handling “on-demand pillar” data, allowing unauthorized file overwrites in the default configuration...
GHSA-7F3F-X5F5-79GW Salt's file contents overwrite the VirtKey class
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
Salt's file contents overwrite the VirtKey class
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
CVE-2025-22241
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
CVE-2025-22241 CVE-2025-22241 salt advisory
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
CVE-2025-22241 CVE-2025-22241 salt advisory
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
Salt 安全漏洞
Salt is an automation, infrastructure management, data-driven orchestration, and remote execution application from the Salt project. A security vulnerability exists in Salt that stems from the VirtKey class creating paths using unvalidated input, which could lead to file content overwriting...