salt vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the salt package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Link Following	<2019.2.0-5.64.1
H Arbitrary Command Injection	<2019.2.0-5.64.1
H Incorrect Permission Assignment for Critical Resource	<3002.2-150000.8.41.32.1
H Authentication Bypass	<3002.2-150000.8.41.32.1
H Improper Authentication	<3002.2-150000.8.41.32.1
H CVE-2022-22934	<3002.2-150000.8.41.32.1
H Incorrect Authorization	<3004-150000.8.41.40.1
C Improper Authentication	<2018.3.0-5.20.1
H Directory Traversal	<2018.3.0-5.20.1
C Directory Traversal	<2019.2.0-5.67.1
C CVE-2020-11651	<2019.2.0-5.67.1
C Directory Traversal	<3000-5.78.1
C CVE-2020-11651	<3000-5.78.1
M Link Following	<3000-5.78.1
C Improper Authentication	<3000-5.91.1
M Incorrect Permission Assignment for Critical Resource	<3000-5.91.1
C OS Command Injection	<3000-5.91.1
H Arbitrary Code Injection	<3000-5.106.1
H Arbitrary Command Injection	<3000-5.106.1
H Insufficient Session Expiration	<3000-5.106.1
H Insufficiently Protected Credentials	<3000-5.106.1
H Arbitrary Code Injection	<3000-5.106.1
H Directory Traversal	<3000-5.106.1
H Improper Authentication	<3000-5.106.1
H Improper Certificate Validation	<3000-5.106.1
H Improper Certificate Validation	<3000-5.106.1
H Arbitrary Command Injection	<3000-5.106.1
M OS Command Injection	<3002.2-8.41.8.1
C Improper Authentication	<3002.2-8.41.8.1
M CVE-2021-21996	<3002.2-8.41.17.1
H Incorrect Permission Assignment for Critical Resource	<3002.2-150000.8.41.26.1
H Authentication Bypass	<3002.2-150000.8.41.26.1
H Improper Authentication	<3002.2-150000.8.41.26.1
H CVE-2022-22934	<3002.2-150000.8.41.26.1