Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

salt

pypi

Portable, distributed, remote execution and configuration management system

View on github.com · View on pypi.org

Security Advisories for salt in pypi

Critical
5 months ago

Salt vulnerable to directory traversal attack in file receiving method GSA_kwCzR0hTQS04cGNwLXI4M2otZmM5Ms4ABJBl

pypi salt
Moderate
5 months ago

Salt's worker process vulnerable to denial of service through file read operation GSA_kwCzR0hTQS05ODljLW01MzItcDJods4ABJBc

pypi salt
High
5 months ago

Salt vulnerable to arbitrary event injection GSA_kwCzR0hTQS1jNDZ3LWdyN2Ytam0ycM4ABJBZ

pypi salt
Moderate
5 months ago

Salt's salt.auth.pki module does not properly authenticate callers GSA_kwCzR0hTQS00ajU5LXZ2NTUtcTZoM84ABJBY

pypi salt
Moderate
5 months ago

Salt vulnerable to directory traversal attack in minion file cache creation GSA_kwCzR0hTQS1yNTQ2LWgzZmYtcTU4Nc4ABJBh

pypi salt
Moderate
5 months ago

Salt's on demand pillar functionality vulnerable to arbitrary command injections GSA_kwCzR0hTQS1mY3I0LWg2YzQtcnZ2cM4ABJBg

pypi salt
Moderate
5 months ago

Salt allows arbitrary directory creation or file deletion GSA_kwCzR0hTQS14aDMyLTNtNjctcWpnZs4ABJBa

pypi salt
Moderate
5 months ago

Salt's file contents overwrite the VirtKey class GSA_kwCzR0hTQS03ZjNmLXg1ZjUtNzlnd84ABJBb

pypi salt
High
5 months ago

Salt has minion event bus authorization bypass vulnerability GSA_kwCzR0hTQS1qaDdjLXhoNzQtaDc2Zs4ABJBX

pypi salt
Moderate
12 months ago

Salt preflight script could be attacker controlled GSA_kwCzR0hTQS00Mjc3LW0zNXEtN2M5d84ABBVW

pypi salt
High
over 1 year ago

Path traversal in saltstack GSA_kwCzR0hTQS0ycXczLTJ3djYtcDY0eM4AA9Yp

pypi salt
Moderate
over 1 year ago

Directory creation by malicious user in saltstack GSA_kwCzR0hTQS1xMjdjLWo2ajktNTN3M84AA9Yo

pypi salt
Moderate
about 2 years ago

Salt can cause Git Providers to get wrong data GSA_kwCzR0hTQS1xdmg2LTNqN3gtM2hxN84AA1sa

pypi salt
Moderate
about 2 years ago

Salt vulnerable to denial of service GSA_kwCzR0hTQS12cGpnLXdtZjgtMjloOc4AA1sb

pypi salt
High
over 3 years ago

Salt's PAM auth fails to reject locked accounts GSA_kwCzR0hTQS1mcHhtLWZwcnctNmh4as4AAs_R

pypi salt
High
over 3 years ago

Improper Authentication in SaltStack Salt GSA_kwCzR0hTQS14ZjM3LXFjdmYtN201N84AAp0a

pypi salt
High
over 3 years ago

Command Injection in SaltStack Salt GSA_kwCzR0hTQS1oY2pmLXJwNWgtZzVoM84AAoPm

pypi salt
High
over 3 years ago

Saltstack Salt Unauthenticated Arbitrary Code Execution GSA_kwCzR0hTQS1wbWo2LTlmOGMtOGcybc4AAnt9

pypi salt
Critical
over 3 years ago

SaltStack Salt eauth tokens can be used once after expiration GSA_kwCzR0hTQS13MmhyLTNtYzgtNDZnaM4AAnse

pypi salt
Critical
over 3 years ago

SaltStack Salt command injection in the Salt-API when using the Salt-SSH client GSA_kwCzR0hTQS1naGMyLWh4M3ctanFtcM4AAnsb

pypi salt
Critical
over 3 years ago

SaltStack Salt is vulnerable to shell injection via ProxyCommand argument GSA_kwCzR0hTQS04cnA2LXgzcjctNXF3M84AAnsd

pypi salt
High
over 3 years ago

SaltStack Salt Directory Traversal vulnerability GSA_kwCzR0hTQS03Nng0LXgzcDYtcnByOc4AAnsY

pypi salt
Moderate
over 3 years ago

SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod GSA_kwCzR0hTQS1yNTV3LXhwaDUteHZ4Ms4AAnsZ

pypi salt
Critical
over 3 years ago

SaltStack Salt Improper Authentication vulnerability GSA_kwCzR0hTQS14eHczLTc2NW0tZjM3cM4AAnsH

pypi salt
Critical
over 3 years ago

SaltStack Salt Server Side Template Injection GSA_kwCzR0hTQS14Z21oLWdmeHctMmh2ds4AAnsM

pypi salt
High
over 3 years ago

SaltStack Salt Improper Certificate Validation GSA_kwCzR0hTQS13NTg5LXIzMzUtNGY1Nc4AAnsP

pypi salt
High
over 3 years ago

SaltStack Salt Improper SSL Certificate Validation GSA_kwCzR0hTQS1xeDcyLXE2dzMtcWdjN84AAnsJ

pypi salt
High
over 3 years ago

SaltStack Salt command injection via a crafted process name GSA_kwCzR0hTQS1waGh3LTN3YzktOHE3Nc4AAnsW

pypi salt
Critical
over 3 years ago

SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi GSA_kwCzR0hTQS0yOWozLTI0NDYtNWo0d84AAmhY

pypi salt
Critical
over 3 years ago

SaltStack Salt Command Injection in netapi ssh client GSA_kwCzR0hTQS1xcjM4LWg5NmotMmozd84AAmhh

pypi salt
Moderate
over 3 years ago

SaltStack Salt Allows creating certificates with weak file permissions GSA_kwCzR0hTQS0zYzU2LXZ4NnYtcTV2aM4AAmhj

pypi salt
Critical
over 3 years ago

SaltStack Salt Unauthenticated Remote Code Execution GSA_kwCzR0hTQS1wamhmLXZweDMtMzNyM84AAklg

pypi salt
High
over 3 years ago

SaltStack Salt is vulnerable Arbitrary Directory Access GSA_kwCzR0hTQS12cDQ5LTJnNHItbTN4M84AAklX

pypi salt
Critical
over 3 years ago

SaltStack Salt is vulnerable to command injection GSA_kwCzR0hTQS1xNTNqLXA2cjItZzJ2NM4AAjV1

pypi salt
Critical
over 3 years ago

SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function GSA_kwCzR0hTQS1oOHhwLWgzamYtd3Y0ds4AAhVu

pypi salt
High
over 3 years ago

SaltStack Privilege Escalation vulnerability GSA_kwCzR0hTQS03d3gzLXZyMmYtNnAyOc4AAe6H

pypi salt
High
over 3 years ago

Minion identity not validated in saltstack GSA_kwCzR0hTQS1qbXY5LTVneDgtN3hwZs4AAe6X

pypi salt
High
over 3 years ago

SaltStack MITM SSH attack in salt-ssh GSA_kwCzR0hTQS1mMjJqLTM3amotY3h3Oc4AAe6U

pypi salt
High
over 3 years ago

SaltStack insecurely uses /tmp GSA_kwCzR0hTQS1xcjN4LXY5N3AtNDJ4d84AAe55

pypi salt
High
over 3 years ago

Salt has insufficient argument validation in several modules GSA_kwCzR0hTQS12ODlmLTRtYzQtaDZ3Oc4AAe54

pypi salt
Moderate
over 3 years ago

Salt Insecure configuration of PAM external authentication service GSA_kwCzR0hTQS12MnJwLTljcGotcGZ3Ms4AAcAp

pypi salt
Critical
over 3 years ago

Salt allows deleted minions to read or write to minions with the same id GSA_kwCzR0hTQS1odm1qLTM1NmMtZ3BmNM4AAb_m

pypi salt
Low
over 3 years ago

Salt uses weak permissions on the cache data GSA_kwCzR0hTQS02cHJ3LTh4aG0taDI0N84AAb59

pypi salt
Moderate
over 3 years ago

Salt improper handling of tmp files GSA_kwCzR0hTQS05MnB3LW1mZjktanFnbc4AAbtJ

pypi salt
Moderate
over 3 years ago

SaltStack has insecure /tmp file handling in salt/modules/chef.py GSA_kwCzR0hTQS02Z3JwLTc1cHEtYzhjas4AAbtM

pypi salt
High
over 3 years ago

SaltStack Salt Information Exposure GSA_kwCzR0hTQS14Y3g0LTV3cTctZzVnN84AAbpc

pypi salt
Critical
over 3 years ago

salt password information leaked in debug logs GSA_kwCzR0hTQS1jeG00LTdxY3ctMjY3cs4AAadQ

pypi salt
High
over 3 years ago

SaltStack Salt Insecure Temporary File Creation GSA_kwCzR0hTQS1tZnIzLTljajgtaDJxbc4AAZnm

pypi salt
Critical
over 3 years ago

SaltStack Salt Directory traversal vulnerability in minion id validation GSA_kwCzR0hTQS14eHZqLThnNW0tNHFnd84AAZkW

pypi salt
High
over 3 years ago

SaltStack Salt Authentication Bypass when using the local_batch client from salt-api GSA_kwCzR0hTQS1mMmg3LTRmODQtOHFybc4AAYb8

pypi salt
Moderate
over 3 years ago

salt leaks git usernames and passwords to the log GSA_kwCzR0hTQS1xMng2LThnZmotaGp4d84AAYQJ

pypi salt
Critical
over 3 years ago

SaltStack Salt Directory traversal vulnerability in minion id validation GSA_kwCzR0hTQS1qNmdqLXBnNjIteDhqNs4AAYNc

pypi salt
High
over 3 years ago

SaltStack Salt Denial of Service via a crafted authentication request GSA_kwCzR0hTQS02NTdwLWNqNXItbWpyaM4AAYMj

pypi salt
High
over 3 years ago

Salt vulnerable to Improper Certificate Validation GSA_kwCzR0hTQS04ajlnLWM5cnAtanZnNM4AAWfQ

pypi salt
High
over 3 years ago

Salt Improper Access Control GSA_kwCzR0hTQS12cWg0LWNyamYtamp4eM4AAVIw

pypi salt
Critical
over 3 years ago

SaltStack Salt allows compromised salt-minions to impersonate the salt-master GSA_kwCzR0hTQS1nMjgzLTg4djUtcm1xMs4AASb0

pypi salt
High
over 3 years ago

SaltStack Salt arbitrary command execution in Salt-api via ssh_client GSA_kwCzR0hTQS04cjdyLXg0OHItcGY4Zs4AASVW

pypi salt
Critical
over 3 years ago

SaltStack Salt Remote command execution and incorrect access control when using salt-api GSA_kwCzR0hTQS14NTQ5LXI3bTgtZ3Y2M84AAQNo

pypi salt
Moderate
over 3 years ago

SaltStack Salt Directory Traversal vulnerability in salt-api GSA_kwCzR0hTQS1qeDM0LXBwcG0tZ2p2cs4AAQNk

pypi salt
High
over 3 years ago

SaltStack RSA Key Generation allows remote users to decrypt communications GSA_kwCzR0hTQS1ncTI2LWNwcTYtdzg1cs3gWg

pypi salt
High
over 3 years ago

SaltStack Salt Authentication Bypass by Capture-replay GSA_kwCzR0hTQS01cjNmLTNtM2otd2NqMs02qA

pypi salt
Low
over 3 years ago

SaltStack Salt Improper Authentication via Man in the Middle Attack GSA_kwCzR0hTQS1jdmNjLTV4OTItZ21oY802tg

pypi salt
High
over 3 years ago

SaltStack Improper Verification of Cryptographic Signature GSA_kwCzR0hTQS0ycTRnLXdmbTYtNWZwbc02rA

pypi salt
High
over 3 years ago

SaltStack Salt Permissions Bypass GSA_kwCzR0hTQS1xY3IzLWhyMmYtNjU1N802vw

pypi salt
High
almost 4 years ago

Exposure of Resource to Wrong Sphere in salt GSA_kwCzR0hTQS1wZjdoLWgyd3EtbTdwZ80XuQ

pypi salt

Filter by Severity

High 29 Moderate 17 Critical 17 Low 2