Homepage

salt vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the salt package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2024-22232

*
  • L
CVE-2024-22231

*
  • L
CVE-2023-34049

*
  • M
Improper Resource Shutdown or Release

*
  • H
CVE-2023-20898

*
  • M
Open Redirect

*
  • H
Incorrect Authorization

*
  • L
Improper Authentication

*
  • H
Incorrect Permission Assignment for Critical Resource

*
  • H
Authentication Bypass

*
  • H
CVE-2022-22934

*
  • H
Exposure of Resource to Wrong Sphere

<2018.3.4+dfsg1-6+deb10u3
  • L
Improper Authentication

*
  • H
Arbitrary Command Injection

<2018.3.4+dfsg1-6+deb10u3
  • C
Arbitrary Command Injection

<2018.3.4+dfsg1-6+deb10u3
  • C
Arbitrary Code Injection

<2018.3.4+dfsg1-6+deb10u3
  • C
Insufficient Session Expiration

<2018.3.4+dfsg1-6+deb10u3
  • M
Cleartext Storage of Sensitive Information

<2018.3.4+dfsg1-6+deb10u3
  • C
Arbitrary Code Injection

<2018.3.4+dfsg1-6+deb10u3
  • C
Improper Authentication

<2018.3.4+dfsg1-6+deb10u3
  • C
Directory Traversal

<2018.3.4+dfsg1-6+deb10u3
  • H
Improper Certificate Validation

<2018.3.4+dfsg1-6+deb10u3
  • M
Improper Certificate Validation

<2018.3.4+dfsg1-6+deb10u3
  • H
Arbitrary Command Injection

<2018.3.4+dfsg1-6+deb10u3
  • C
Improper Input Validation

<2018.3.4+dfsg1-6+deb10u2
  • C
CVE-2020-16846

<2018.3.4+dfsg1-6+deb10u2
  • M
Incorrect Permission Assignment for Critical Resource

<2018.3.4+dfsg1-6+deb10u2
  • C
Improper Input Validation

<2018.3.4+dfsg1-6+deb10u1
  • M
Improper Input Validation

<2018.3.4+dfsg1-6+deb10u1
  • C
Arbitrary Command Injection

<2018.3.4+dfsg1-6+deb10u1
  • C
SQL Injection

<2018.3.4~git20180207+dfsg1-1
  • C
Improper Authentication

<2018.3.3+dfsg1-1
  • M
Directory Traversal

<2018.3.3+dfsg1-1
  • H
Improper Restriction of Excessive Authentication Attempts

<0.15.1-1
  • C
CVE-2017-7893

<2016.11.5+ds-1
  • H
Improper Input Validation

<2016.11.8+dfsg1-1
  • C
Directory Traversal

<2016.11.8+dfsg1-1
  • M
Information Exposure

<2015.8.1+ds-1
  • H
CVE-2017-5200

<2016.11.2+ds-1
  • H
Improper Authentication

<2016.11.2+ds-1
  • C
Directory Traversal

<2016.11.8+dfsg1-1
  • C
Information Exposure Through Debug Log Files

<2015.8.1+ds-1
  • H
Information Exposure

<2016.11.5+ds-1
  • C
Improper Access Control

<2016.3.0+ds-1
  • M
Improper Authentication

<2015.8.8+ds-1
  • L
Information Exposure

<2015.8.3+ds-1
  • H
Improper Access Control

<2015.8.5+ds-1
  • H
Link Following

<2014.1.10+ds-1
  • M
Improper Authentication

<0.17.1+dfsg-1
  • H
Improper Input Validation

<0.17.1+dfsg-1
  • H
Arbitrary Code Injection

<0.17.1+dfsg-1
  • M
Access Restriction Bypass

<0.17.1+dfsg-1
  • C
Access Restriction Bypass

<0.17.1+dfsg-1
  • C
CVE-2013-4437

<0.17.1+dfsg-1