salt vulnerabilities

Known vulnerabilities in the salt package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Directory Traversal	[,3006.12)[3007.0rc1,3007.4)
M Improper Certificate Validation	[,3006.12)[3007.0rc1,3007.4)
M Directory Traversal	[,3006.12)[3007.0rc1,3007.4)
M Incorrect Permission Assignment for Critical Resource	[,3006.12)[3007.0rc1,3007.4)
M Improper Certificate Validation	[3006.0rc1,3006.12)[3007.0rc1,3007.4)
M Missing Authorization	[3007.0,3007.4)
M Improper Validation of Specified Type of Input	[,3006.12)[3007.0rc1,3007.4)
M Replay Attack	[,3006.12)[3007.0rc1,3007.4)
M Improper Certificate Validation	[,3006.12)[3007.0rc1,3007.4)
H Arbitrary Command Injection	[,3006.12)[3007.0rc1,3007.4)
M Directory Traversal	[,3006.12)[3007.0rc1,3007.4)
H Inadequate Encryption Strength	[,0.15.1)
H Directory Traversal	[,3005.5)
H Directory Traversal	[,3005.5)
M Improper Access Control	[,3005.4)[3006.0rc1,3006.4)
M Information Exposure	[,3005.2)[3006.0rc1,3006.2)
H Denial of Service (DoS)	[,3005.2)[3006.0rc1,3006.2)
M Insecure Defaults	[0.17.0,0.17.1)
H Buffer Overflow	[0,)
H Denial of Service (DoS)	[,3004.1)
H Access Restriction Bypass	[,3002.9)[3003,3003.5)[3004,3004.2)
H Improper Access Control	[,3002.8)[3003,3003.4)[3004,3004.1)
M Denial of Service (DoS)	[,3002.8)[3003,3003.4)[3004,3004.1)
H Access Restriction Bypass	[,3002.8)[3003,3003.4)[3004,3004.1)
M Authentication Bypass	[,3002.8)[3003,3003.4)[3004,3004.1)
C SQL Injection	[,2018.3.4)[2019.2.0,2019.2.1)
H Privilege Escalation	[,3001.8)[3002rc1,3002.7)[3003rc1,3003.3)
M Privilege Escalation	[,3001.8)[3002rc1,3002.7)[3003rc1,3003.3)
H Command Injection	[2016.11.0rc1,3003rc1)
H Command Injection	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
H Improper Authorization	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
M Directory Traversal	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
H Server-side Template Injection (SSTI)	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
M Command Injection	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
M Sensitive Data Exposure	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
H Man-in-the-Middle (MitM)	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
M Sensitive Data Exposure	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
M Local Privilege Escalation	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
H Improper Certificate Validation	[3002rc1,3002.5)[3001rc1,3001.6)[,3000.8)
H Remote Code Execution (RCE)	[,3000.4)[3001,3001.2)
H Authentication Bypass	[3002,3002.1)
M Improper Access Control	[,3000.4)[3001,3001.2)[3002,3002.1)
H Directory Traversal	[,2019.2.4)[3000,3000.2)
C Arbitrary Code Execution	[,2019.2.4)[3000,3000.2)
M Command Injection	[2019.2.0,2019.2.3)
H Arbitrary Code Execution	[,0.17.1)
M Directory Traversal	[,2017.7.8)[2018.0,2018.3.3)
H Arbitrary Command Execution	[,2017.7.8)[2018.0.0,2018.3.3)
H Arbitrary YAML Code Execution	[,0.17.1)
C Information Exposure	[2015.5.0,2015.5.6)[2015.8.0,2015.8.1)
C Directory Traversal	[,2016.11.7)[2017.7.0,2017.7.1)
H Credential Exposure	[,2016.11.4)
C Privilege Escalation	[,0.17.1)
M Client Impersonation	[0.15,0.17.1)
M Arbitrary Routine Execution	[,0.17.1)
M Authentication Bypass	[,2015.5.10)[2015.8.0,2015.8.8)
C Client Impersonation	[,2016.3.6)
H Arbitrary File Creation	[,2014.1.10)
M Insecure use of /tmp folder	[,2014.7.4)
M Information Exposure	[,2015.5.5)
H Arbitrary Code Execution	[,2015.8.13)[2016.3,2016.3.5)[2016.11,2016.11.2)
H Arbitrary Code Execution	[,2015.8.12)[2016.3,2016.3.5)[2016.11,2016.11.2)
H Authentication Bypass	[2015.5,2015.5.6)[2015.8,2015.8.1)
H Denial of Service (DoS)	[2017.7.0,2017.7.2)[2016.11.0,2016.11.8)[2016.3.0,2016.3.8)
C Directory Traversal	[2017.7.0,2017.7.2)[2016.11.0,2016.11.8)[2016.3.0,2016.3.8)
C Information Exposure	[,2015.8.11)
H Arbitrary Code Execution	[2015.8,2015.8.4)
L Information Exposure	[,2015.8.3)
M Insecure Temporary File	[,2014.7.4)

Vulnerability

Vulnerable Version

Directory Traversal

[,3006.12)[3007.0rc1,3007.4)

Improper Certificate Validation

[,3006.12)[3007.0rc1,3007.4)

Directory Traversal

[,3006.12)[3007.0rc1,3007.4)

Incorrect Permission Assignment for Critical Resource

[,3006.12)[3007.0rc1,3007.4)

Improper Certificate Validation

[3006.0rc1,3006.12)[3007.0rc1,3007.4)

Missing Authorization

[3007.0,3007.4)

Improper Validation of Specified Type of Input

[,3006.12)[3007.0rc1,3007.4)

Replay Attack

[,3006.12)[3007.0rc1,3007.4)

Improper Certificate Validation

[,3006.12)[3007.0rc1,3007.4)

Arbitrary Command Injection

[,3006.12)[3007.0rc1,3007.4)

Directory Traversal

[,3006.12)[3007.0rc1,3007.4)

Inadequate Encryption Strength

[,0.15.1)

Directory Traversal

[,3005.5)

Directory Traversal

[,3005.5)

Improper Access Control

[,3005.4)[3006.0rc1,3006.4)

Information Exposure

[,3005.2)[3006.0rc1,3006.2)

Denial of Service (DoS)

[,3005.2)[3006.0rc1,3006.2)

Insecure Defaults

[0.17.0,0.17.1)

Buffer Overflow

[0,)

Denial of Service (DoS)

[,3004.1)

Access Restriction Bypass

[,3002.9)[3003,3003.5)[3004,3004.2)

Improper Access Control

[,3002.8)[3003,3003.4)[3004,3004.1)

Denial of Service (DoS)

[,3002.8)[3003,3003.4)[3004,3004.1)

Access Restriction Bypass

[,3002.8)[3003,3003.4)[3004,3004.1)

Authentication Bypass

[,3002.8)[3003,3003.4)[3004,3004.1)

SQL Injection

[,2018.3.4)[2019.2.0,2019.2.1)

Privilege Escalation

[,3001.8)[3002rc1,3002.7)[3003rc1,3003.3)

Privilege Escalation

[,3001.8)[3002rc1,3002.7)[3003rc1,3003.3)

Command Injection

[2016.11.0rc1,3003rc1)

Command Injection