Homepage

salt vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the salt package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Improper Authorization

*
  • H
Incorrect Authorization

*
  • L
Improper Authentication

*
  • H
Incorrect Permission Assignment for Critical Resource

*
  • H
Authentication Bypass

*
  • H
CVE-2022-22934

*
  • H
Exposure of Resource to Wrong Sphere

<2016.11.2+ds-1+deb9u8
  • L
Improper Authentication

*
  • H
Arbitrary Command Injection

<2016.11.2+ds-1+deb9u7
  • C
Arbitrary Command Injection

<2016.11.2+ds-1+deb9u7
  • C
Arbitrary Code Injection

<2016.11.2+ds-1+deb9u7
  • C
Insufficient Session Expiration

<2016.11.2+ds-1+deb9u7
  • M
Cleartext Storage of Sensitive Information

<2016.11.2+ds-1+deb9u7
  • C
Arbitrary Code Injection

<2016.11.2+ds-1+deb9u7
  • C
Improper Authentication

<2016.11.2+ds-1+deb9u7
  • C
Directory Traversal

<2016.11.2+ds-1+deb9u7
  • H
Improper Certificate Validation

<2016.11.2+ds-1+deb9u7
  • M
Improper Certificate Validation

<2016.11.2+ds-1+deb9u7
  • H
Arbitrary Command Injection

<2016.11.2+ds-1+deb9u7
  • C
Improper Input Validation

<2016.11.2+ds-1+deb9u6
  • C
CVE-2020-16846

<2016.11.2+ds-1+deb9u6
  • M
Incorrect Permission Assignment for Critical Resource

<2016.11.2+ds-1+deb9u6
  • C
Improper Input Validation

<2016.11.2+ds-1+deb9u4
  • M
Improper Input Validation

<2016.11.2+ds-1+deb9u4
  • C
Arbitrary Command Injection

<2016.11.2+ds-1+deb9u3
  • C
Improper Authentication

<2016.11.2+ds-1+deb9u5
  • M
Directory Traversal

<2016.11.2+ds-1+deb9u5
  • H
Improper Restriction of Excessive Authentication Attempts

<0.15.1-1
  • L
CVE-2017-7893

*
  • C
Directory Traversal

<2016.11.2+ds-1+deb9u1
  • H
Improper Input Validation

<2016.11.2+ds-1+deb9u1
  • M
Information Exposure

<2015.8.1+ds-1
  • H
CVE-2017-5200

<2016.11.2+ds-1
  • H
Improper Authentication

<2016.11.2+ds-1
  • C
Directory Traversal

<2016.11.2+ds-1+deb9u1
  • C
Information Exposure Through Debug Log Files

<2015.8.1+ds-1
  • H
Information Exposure

<2016.11.2+ds-1+deb9u2
  • C
Improper Access Control

<2016.3.0+ds-1
  • M
Improper Authentication

<2015.8.8+ds-1
  • L
Information Exposure

<2015.8.3+ds-1
  • H
Improper Access Control

<2015.8.5+ds-1
  • H
Link Following

<2014.1.10+ds-1
  • H
Improper Input Validation

<0.17.1+dfsg-1
  • M
Improper Authentication

<0.17.1+dfsg-1
  • M
Access Restriction Bypass

<0.17.1+dfsg-1
  • C
CVE-2013-4437

<0.17.1+dfsg-1
  • C
Access Restriction Bypass

<0.17.1+dfsg-1
  • H
Arbitrary Code Injection

<0.17.1+dfsg-1