Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS1tZnIzLTljajgtaDJxbc4AAZnm

SaltStack Salt Insecure Temporary File Creation

Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

Permalink: https://github.com/advisories/GHSA-mfr3-9cj8-h2qm
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1tZnIzLTljajgtaDJxbc4AAZnm
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 2 years ago
Updated: about 1 month ago

Identifiers: GHSA-mfr3-9cj8-h2qm, CVE-2014-3563
References:

• https://nvd.nist.gov/vuln/detail/CVE-2014-3563
• https://exchange.xforce.ibmcloud.com/vulnerabilities/95392
• http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html
• http://seclists.org/oss-sec/2014/q3/428
• https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2014-18.yaml
• https://github.com/advisories/GHSA-mfr3-9cj8-h2qm

Blast Radius: 0.0

Affected Packages