Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

salt

pypi · Portable, distributed, remote execution and configuration management system · Repository · Package

Security Advisories for salt in pypi

Critical
4 months ago

Salt vulnerable to directory traversal attack in file receiving method GSA_kwCzR0hTQS04cGNwLXI4M2otZmM5Ms4ABJBl

pypi salt
Moderate
4 months ago

Salt's worker process vulnerable to denial of service through file read operation GSA_kwCzR0hTQS05ODljLW01MzItcDJods4ABJBc

pypi salt
High
4 months ago

Salt vulnerable to arbitrary event injection GSA_kwCzR0hTQS1jNDZ3LWdyN2Ytam0ycM4ABJBZ

pypi salt
Moderate
4 months ago

Salt's salt.auth.pki module does not properly authenticate callers GSA_kwCzR0hTQS00ajU5LXZ2NTUtcTZoM84ABJBY

pypi salt
Moderate
4 months ago

Salt's on demand pillar functionality vulnerable to arbitrary command injections GSA_kwCzR0hTQS1mY3I0LWg2YzQtcnZ2cM4ABJBg

pypi salt
Moderate
4 months ago

Salt allows arbitrary directory creation or file deletion GSA_kwCzR0hTQS14aDMyLTNtNjctcWpnZs4ABJBa

pypi salt
Moderate
4 months ago

Salt vulnerable to directory traversal attack in minion file cache creation GSA_kwCzR0hTQS1yNTQ2LWgzZmYtcTU4Nc4ABJBh

pypi salt
Moderate
4 months ago

Salt's file contents overwrite the VirtKey class GSA_kwCzR0hTQS03ZjNmLXg1ZjUtNzlnd84ABJBb

pypi salt
High
4 months ago

Salt has minion event bus authorization bypass vulnerability GSA_kwCzR0hTQS1qaDdjLXhoNzQtaDc2Zs4ABJBX

pypi salt
Moderate
11 months ago

Salt preflight script could be attacker controlled GSA_kwCzR0hTQS00Mjc3LW0zNXEtN2M5d84ABBVW

pypi salt
Moderate
over 1 year ago

Directory creation by malicious user in saltstack GSA_kwCzR0hTQS1xMjdjLWo2ajktNTN3M84AA9Yo

pypi salt
High
over 1 year ago

Path traversal in saltstack GSA_kwCzR0hTQS0ycXczLTJ3djYtcDY0eM4AA9Yp

pypi salt
Moderate
about 2 years ago

Salt can cause Git Providers to get wrong data GSA_kwCzR0hTQS1xdmg2LTNqN3gtM2hxN84AA1sa

pypi salt
Moderate
about 2 years ago

Salt vulnerable to denial of service GSA_kwCzR0hTQS12cGpnLXdtZjgtMjloOc4AA1sb

pypi salt
High
over 3 years ago

Salt's PAM auth fails to reject locked accounts GSA_kwCzR0hTQS1mcHhtLWZwcnctNmh4as4AAs_R

pypi salt
High
over 3 years ago

Improper Authentication in SaltStack Salt GSA_kwCzR0hTQS14ZjM3LXFjdmYtN201N84AAp0a

pypi salt
High
over 3 years ago

Command Injection in SaltStack Salt GSA_kwCzR0hTQS1oY2pmLXJwNWgtZzVoM84AAoPm

pypi salt
High
over 3 years ago

Saltstack Salt Unauthenticated Arbitrary Code Execution GSA_kwCzR0hTQS1wbWo2LTlmOGMtOGcybc4AAnt9

pypi salt
Critical
over 3 years ago

SaltStack Salt command injection in the Salt-API when using the Salt-SSH client GSA_kwCzR0hTQS1naGMyLWh4M3ctanFtcM4AAnsb

pypi salt
Critical
over 3 years ago

SaltStack Salt eauth tokens can be used once after expiration GSA_kwCzR0hTQS13MmhyLTNtYzgtNDZnaM4AAnse

pypi salt
Critical
over 3 years ago

SaltStack Salt is vulnerable to shell injection via ProxyCommand argument GSA_kwCzR0hTQS04cnA2LXgzcjctNXF3M84AAnsd

pypi salt
Critical
over 3 years ago

SaltStack Salt Server Side Template Injection GSA_kwCzR0hTQS14Z21oLWdmeHctMmh2ds4AAnsM

pypi salt
Critical
over 3 years ago

SaltStack Salt Improper Authentication vulnerability GSA_kwCzR0hTQS14eHczLTc2NW0tZjM3cM4AAnsH

pypi salt
High
over 3 years ago

SaltStack Salt Directory Traversal vulnerability GSA_kwCzR0hTQS03Nng0LXgzcDYtcnByOc4AAnsY

pypi salt
Moderate
over 3 years ago

SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod GSA_kwCzR0hTQS1yNTV3LXhwaDUteHZ4Ms4AAnsZ

pypi salt
High
over 3 years ago

SaltStack Salt Improper Certificate Validation GSA_kwCzR0hTQS13NTg5LXIzMzUtNGY1Nc4AAnsP

pypi salt
High
over 3 years ago

SaltStack Salt Improper SSL Certificate Validation GSA_kwCzR0hTQS1xeDcyLXE2dzMtcWdjN84AAnsJ

pypi salt
High
over 3 years ago

SaltStack Salt command injection via a crafted process name GSA_kwCzR0hTQS1waGh3LTN3YzktOHE3Nc4AAnsW

pypi salt
Critical
over 3 years ago

SaltStack Salt Command Injection in netapi ssh client GSA_kwCzR0hTQS1xcjM4LWg5NmotMmozd84AAmhh

pypi salt
Critical
over 3 years ago

SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi GSA_kwCzR0hTQS0yOWozLTI0NDYtNWo0d84AAmhY

pypi salt
Moderate
over 3 years ago

SaltStack Salt Allows creating certificates with weak file permissions GSA_kwCzR0hTQS0zYzU2LXZ4NnYtcTV2aM4AAmhj

pypi salt
Critical
over 3 years ago

SaltStack Salt Unauthenticated Remote Code Execution GSA_kwCzR0hTQS1wamhmLXZweDMtMzNyM84AAklg

pypi salt
High
over 3 years ago

SaltStack Salt is vulnerable Arbitrary Directory Access GSA_kwCzR0hTQS12cDQ5LTJnNHItbTN4M84AAklX

pypi salt
Critical
over 3 years ago

SaltStack Salt is vulnerable to command injection GSA_kwCzR0hTQS1xNTNqLXA2cjItZzJ2NM4AAjV1

pypi salt
Critical
over 3 years ago

SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function GSA_kwCzR0hTQS1oOHhwLWgzamYtd3Y0ds4AAhVu

pypi salt
High
over 3 years ago

SaltStack Privilege Escalation vulnerability GSA_kwCzR0hTQS03d3gzLXZyMmYtNnAyOc4AAe6H

pypi salt
High
over 3 years ago

Minion identity not validated in saltstack GSA_kwCzR0hTQS1qbXY5LTVneDgtN3hwZs4AAe6X

pypi salt
High
over 3 years ago

SaltStack MITM SSH attack in salt-ssh GSA_kwCzR0hTQS1mMjJqLTM3amotY3h3Oc4AAe6U

pypi salt
High
over 3 years ago

SaltStack insecurely uses /tmp GSA_kwCzR0hTQS1xcjN4LXY5N3AtNDJ4d84AAe55

pypi salt
High
over 3 years ago

Salt has insufficient argument validation in several modules GSA_kwCzR0hTQS12ODlmLTRtYzQtaDZ3Oc4AAe54

pypi salt
Moderate
over 3 years ago

Salt Insecure configuration of PAM external authentication service GSA_kwCzR0hTQS12MnJwLTljcGotcGZ3Ms4AAcAp

pypi salt
Critical
over 3 years ago

Salt allows deleted minions to read or write to minions with the same id GSA_kwCzR0hTQS1odm1qLTM1NmMtZ3BmNM4AAb_m

pypi salt
Low
over 3 years ago

Salt uses weak permissions on the cache data GSA_kwCzR0hTQS02cHJ3LTh4aG0taDI0N84AAb59

pypi salt
Moderate
over 3 years ago

SaltStack has insecure /tmp file handling in salt/modules/chef.py GSA_kwCzR0hTQS02Z3JwLTc1cHEtYzhjas4AAbtM

pypi salt
Moderate
over 3 years ago

Salt improper handling of tmp files GSA_kwCzR0hTQS05MnB3LW1mZjktanFnbc4AAbtJ

pypi salt
High
over 3 years ago

SaltStack Salt Information Exposure GSA_kwCzR0hTQS14Y3g0LTV3cTctZzVnN84AAbpc

pypi salt
Critical
over 3 years ago

salt password information leaked in debug logs GSA_kwCzR0hTQS1jeG00LTdxY3ctMjY3cs4AAadQ

pypi salt
High
over 3 years ago

SaltStack Salt Insecure Temporary File Creation GSA_kwCzR0hTQS1tZnIzLTljajgtaDJxbc4AAZnm

pypi salt
Critical
over 3 years ago

SaltStack Salt Directory traversal vulnerability in minion id validation GSA_kwCzR0hTQS14eHZqLThnNW0tNHFnd84AAZkW

pypi salt
High
over 3 years ago

SaltStack Salt Authentication Bypass when using the local_batch client from salt-api GSA_kwCzR0hTQS1mMmg3LTRmODQtOHFybc4AAYb8

pypi salt
Moderate
over 3 years ago

salt leaks git usernames and passwords to the log GSA_kwCzR0hTQS1xMng2LThnZmotaGp4d84AAYQJ

pypi salt
Critical
over 3 years ago

SaltStack Salt Directory traversal vulnerability in minion id validation GSA_kwCzR0hTQS1qNmdqLXBnNjIteDhqNs4AAYNc

pypi salt
High
over 3 years ago

SaltStack Salt Denial of Service via a crafted authentication request GSA_kwCzR0hTQS02NTdwLWNqNXItbWpyaM4AAYMj

pypi salt
High
over 3 years ago

Salt vulnerable to Improper Certificate Validation GSA_kwCzR0hTQS04ajlnLWM5cnAtanZnNM4AAWfQ

pypi salt
High
over 3 years ago

Salt Improper Access Control GSA_kwCzR0hTQS12cWg0LWNyamYtamp4eM4AAVIw

pypi salt
Critical
over 3 years ago

SaltStack Salt allows compromised salt-minions to impersonate the salt-master GSA_kwCzR0hTQS1nMjgzLTg4djUtcm1xMs4AASb0

pypi salt
High
over 3 years ago

SaltStack Salt arbitrary command execution in Salt-api via ssh_client GSA_kwCzR0hTQS04cjdyLXg0OHItcGY4Zs4AASVW

pypi salt
Moderate
over 3 years ago

SaltStack Salt Directory Traversal vulnerability in salt-api GSA_kwCzR0hTQS1qeDM0LXBwcG0tZ2p2cs4AAQNk

pypi salt
Critical
over 3 years ago

SaltStack Salt Remote command execution and incorrect access control when using salt-api GSA_kwCzR0hTQS14NTQ5LXI3bTgtZ3Y2M84AAQNo

pypi salt
High
over 3 years ago

SaltStack RSA Key Generation allows remote users to decrypt communications GSA_kwCzR0hTQS1ncTI2LWNwcTYtdzg1cs3gWg

pypi salt
High
over 3 years ago

SaltStack Improper Verification of Cryptographic Signature GSA_kwCzR0hTQS0ycTRnLXdmbTYtNWZwbc02rA

pypi salt
High
over 3 years ago

SaltStack Salt Authentication Bypass by Capture-replay GSA_kwCzR0hTQS01cjNmLTNtM2otd2NqMs02qA

pypi salt
Low
over 3 years ago

SaltStack Salt Improper Authentication via Man in the Middle Attack GSA_kwCzR0hTQS1jdmNjLTV4OTItZ21oY802tg

pypi salt
High
over 3 years ago

SaltStack Salt Permissions Bypass GSA_kwCzR0hTQS1xY3IzLWhyMmYtNjU1N802vw

pypi salt
High
almost 4 years ago

Exposure of Resource to Wrong Sphere in salt GSA_kwCzR0hTQS1wZjdoLWgyd3EtbTdwZ80XuQ

pypi salt

Filter by Severity

High 29 Moderate 17 Critical 17 Low 2