Lucene search
Veracode Vulnerability DatabaseVERACODE:45381HistoryFeb 06, 2024 - 5:59 p.m.
Path Traversal
2024-02-0617:59:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
path traversal
vulnerability
salt software
file manipulation
validation
user input
7.1 High
AI Score
Confidence
Low
salt is vulnerable to Path Traversal. The vulnerability is caused by roots.py because there is no explicit path validation before performing file operations, as well as master.py creating directories and files based on unvalidated user input. An attacker can exploit these flaws to traverse and manipulate the file system outside of the intended boundaries.
Related
alpinelinux
alpinelinux
CVE-2024-22231
2024-02-09 02:05:19
openvas
openvas
openSUSE: Security Advisory for salt (SUSE-SU-2024:0509-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0506-1)
2024-02-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0508-1)
2024-02-16 00:00:00
nessus
nessus
SaltStack 3000 < 3005.5 / 3006 < 3006.6 Multiple Vulnerablities
2024-02-22 00:00:00