Filters

Versions

2016.11.4
15
2016.11.7
15
2016.3.0
15
2016.3.7
15
3002
15
2019.2.0
14
2015.8.11
13
2016.3.5
13
2017.5.0
13
2018.2.0
13
3001
13
3000
12
2016.3.9
10
2018.3.5
10
2019.2.6
10
2016.11.0
8
0.17.0
6
3003
6
2016.11.1
5
2016.11.2
5
3004
5
0.15.0
4
0.15.1
4
0.16.0
4
0.16.2
4
0.16.3
4
0.16.4
4
2015.8.2
3
2016.11
3
2016.11.3
3
2016.11.6
3
2017.7.0
3
2017.7.5
3
3000.0
3
0.11.0
2
0.12.0
2
0.13.0
2
0.14.0
2
2014.7.3
2
2015.8.0
2
2015.8.1
2
2015.8.12
2
2015.8.3
2
2016.11.1-rc1
2
2016.11.1-rc2
2
2016.11.5
2
2016.3.1
2
2016.3.2
2
2016.3.3
2
2016.3.4
2
2017.7.0-rc1
2
2017.7.1
2
2018.3.0
2
3006.0
2
0.10.0
1
0.10.2
1
0.10.3
1
0.10.4
1
0.10.5
1
0.6.0
1
0.7.0
1
0.8.0
1
0.8.7
1
0.8.8
1
0.8.9
1
0.9.0
1
0.9.2
1
0.9.3
1
0.9.4
1
0.9.5
1
0.9.6
1
0.9.7
1
0.9.8
1
0.9.9
1
2014.1.9
1
2014.7.5
1
2015.5.9
1
2015.8.10
1
2015.8.4
1
2015.8.5
1
2015.8.7
1
2016.11.0-rc1
1
2016.11.0-rc2
1
2016.9
1
3002.6
1

SaltStack Salt2 vulnerabilities

First published (updated )
saltproject-2024-01-31-advisory

Specially crafted url can be created which leads to a directory traversal in the salt file server

high
7.7
First published (updated )
CVE-2024-22232

Syndic cache directory creation is vulnerable to a directory traversal attack

medium
5
First published (updated )
CVE-2024-22231

SaltStack SaltATTENTION! Some High and Medium severity vulnerabilities have been discovered in Salt versions 3006.5 and earlier

First published (updated )
saltproject-2024-01-30-advisory

SaltStack Salt1 vulnerability

First published (updated )
saltproject-2023-10-27-advisory

Salt security advisory release - 2023-OCT-27

medium
6.7
First published (updated )
CVE-2023-34049

SaltStack SaltATTENTION! A Medium severity vulnerability has been discovered in Salt versions 3006.3 and earlier

First published (updated )
saltproject-2023-10-26-advisory

SaltStack Salt2 vulnerabilities

First published (updated )
saltproject-2023-08-10-advisory

Git Providers can read from the wrong environment because they get the same cache directory base nam…

high
7.8
First published (updated )
CVE-2023-20898

DOS in minion return.

medium
5.3
First published (updated )
CVE-2023-20897

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SaltStack SaltATTENTION! Some medium severity vulnerabilities have been discovered in Salt versions 3006.1 and earlier

First published (updated )
saltproject-2023-08-09-advisory

SaltStack SaltBuffer Overflow

critical
9.8
First published (updated )
CVE-2021-33226

SaltStack Salt1 vulnerability

First published (updated )
saltproject-2022-06-21-advisory

PAM auth fails to reject locked accounts.

high
8.8
First published (updated )
CVE-2022-22967

SaltStack SaltAttention! A critical vulnerability has been discovered in Salt versions 3004.1 and earlier

First published (updated )
saltproject-2022-06-13-advisory

SaltStack Salt4 vulnerabilities

First published (updated )
saltproject-2022-03-28-advisory

Minion authentication denial of service.

medium
4.3
First published (updated )
CVE-2022-22935

Job publishes and file server replies are susceptible to replay attacks.

high
8.8
First published (updated )
CVE-2022-22936

When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_…

high
8.8
First published (updated )
CVE-2022-22941

Salt Masters do not sign pillar data with the minion’s public key.

high
8.8
First published (updated )
CVE-2022-22934

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SaltStack SaltATTENTION! Some critical vulnerabilities have been discovered in Salt versions 3004 and earlier

First published (updated )
saltproject-2022-03-22-advisory

SaltStack Salt3 vulnerabilities

First published (updated )
saltproject-2021-09-21-advisory

Race Condition

medium
6.4
First published (updated )
CVE-2021-22004

A user who has control of the source, and source_hash URLs can gain full file system access as root …

high
7.5
First published (updated )
CVE-2021-21996

Command Injection, OS Command Injection

high
7.8
First published (updated )
CVE-2021-31607

SaltStack Saltsalt-api unauthenticated remote code execution

critical
9.8
First published (updated )
CVE-2021-25315

SaltStack Salt10 vulnerabilities

First published (updated )
saltproject-2021-02-25-advisory-02

Command Injection

critical
9.8
First published (updated )
CVE-2021-3148

Token can be used once after expiration

critical
9.1
First published (updated )
CVE-2021-3144

Last updated 8 August 2024

medium
4.4
First published (updated )
CVE-2021-25284

Code Injection

critical
9.8
First published (updated )
CVE-2021-25283

Last updated 8 August 2024

medium
5.9
First published (updated )
CVE-2020-28972

Path Traversal

critical
9.1
First published (updated )
CVE-2021-25282

Last updated 8 August 2024

critical
9.8
First published (updated )
CVE-2021-25281

Last updated 8 August 2024

critical
9.8
First published (updated )
CVE-2021-3197

Last updated 8 August 2024

high
7.4
First published (updated )
CVE-2020-35662

Command Injection, OS Command Injection

high
7.8
First published (updated )
CVE-2020-28243

SaltStack SaltUPDATE 2021-FEB-25 CVE Release Time Delay

First published (updated )
saltproject-2021-02-25-advisory-01

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SaltStack SaltSalt Feb 4th CVE Release Delayed

First published (updated )
saltproject-2021-02-04-advisory

SaltStack SaltActive Salt CVE Announcement - 2021-JAN-21

First published (updated )
saltproject-2021-01-29-advisory

SaltStack Salt3 vulnerabilities

First published (updated )
saltproject-2020-11-02-advisory

Last updated 8 August 2024

medium
5.5
First published (updated )
CVE-2020-17490

Input Validation

critical
9.8
First published (updated )
CVE-2020-25592

SaltStack Salt rest_cherrypy ssh_port Command Injection Remote Code Execution Vulnerability

critical
9.8
Exploited
First published (updated )
CVE-2020-16846

SaltStack SaltActive Salt CVE Announcement - 2020-OCT-30

First published (updated )
saltproject-2020-10-30-advisory

SaltStack SaltActive Salt CVE Update - CVE-2020-11651 and CVE-2020-11652

First published (updated )
saltproject-2020-05-06-advisory

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SaltStack SaltActive Salt CVE Update for CVE-2020-11651 and CVE-2020-11652

First published (updated )
saltproject-2020-05-04-advisory

SaltStack SaltSaltStack Salt Path Traversal Vulnerability

medium
6.5
Exploited
First published (updated )
CVE-2020-11652

SaltStack SaltSaltStack Salt Authentication Bypass Vulnerability

critical
9.8
Exploited
First published (updated )
CVE-2020-11651

SaltStack SaltSalt CVE Critical Updates - 2020-APR-21

First published (updated )
saltproject-2020-04-21-advisory

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203