salt-ssh vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the salt-ssh package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Arbitrary Command Injection	<2019.2.0-5.64.1
M Link Following	<2019.2.0-5.64.1
H Incorrect Permission Assignment for Critical Resource	<3002.2-150000.8.41.32.1
H Improper Authentication	<3002.2-150000.8.41.32.1
H Authentication Bypass	<3002.2-150000.8.41.32.1
H CVE-2022-22934	<3002.2-150000.8.41.32.1
H Incorrect Authorization	<3004-150000.8.41.40.1
C Improper Authentication	<2018.3.0-5.20.1
H Directory Traversal	<2018.3.0-5.20.1
C Directory Traversal	<2019.2.0-5.67.1
C CVE-2020-11651	<2019.2.0-5.67.1
C Directory Traversal	<3000-5.78.1
C CVE-2020-11651	<3000-5.78.1
M Link Following	<3000-5.78.1
C Improper Authentication	<3000-5.91.1
M Incorrect Permission Assignment for Critical Resource	<3000-5.91.1
C OS Command Injection	<3000-5.91.1
H Arbitrary Code Injection	<3000-5.106.1
H Arbitrary Command Injection	<3000-5.106.1
H Insufficient Session Expiration	<3000-5.106.1
H Insufficiently Protected Credentials	<3000-5.106.1
H Arbitrary Code Injection	<3000-5.106.1
H Directory Traversal	<3000-5.106.1
H Improper Authentication	<3000-5.106.1
H Improper Certificate Validation	<3000-5.106.1
H Improper Certificate Validation	<3000-5.106.1
H Arbitrary Command Injection	<3000-5.106.1
M OS Command Injection	<3002.2-8.41.8.1
C Improper Authentication	<3002.2-8.41.8.1
M CVE-2021-21996	<3002.2-8.41.17.1
H Incorrect Permission Assignment for Critical Resource	<3002.2-150000.8.41.26.1
H Authentication Bypass	<3002.2-150000.8.41.26.1
H Improper Authentication	<3002.2-150000.8.41.26.1
H CVE-2022-22934	<3002.2-150000.8.41.26.1