Vulnerabilities > Saltstack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2023-20897 | Improper Resource Shutdown or Release vulnerability in Saltstack Salt Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. | 5.3 |
| 2023-09-05 | CVE-2023-20898 | Unspecified vulnerability in Saltstack Salt Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. | 7.8 |
| 2023-02-17 | CVE-2021-33226 | Classic Buffer Overflow vulnerability in Saltstack Salt Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. | 9.8 |
| 2022-06-23 | CVE-2022-22967 | Incorrect Authorization vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. | 8.8 |
| 2022-03-29 | CVE-2022-22934 | Unspecified vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. low complexity saltstack | 8.8 |
| 2022-03-29 | CVE-2022-22935 | Improper Authentication vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. | 3.7 |
| 2022-03-29 | CVE-2022-22936 | Authentication Bypass by Capture-replay vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. | 8.8 |
| 2022-03-29 | CVE-2022-22941 | Incorrect Permission Assignment for Critical Resource vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. | 8.8 |
| 2021-09-08 | CVE-2021-21996 | An issue was discovered in SaltStack Salt before 3003.3. | 7.5 |
| 2021-09-08 | CVE-2021-22004 | Race Condition vulnerability in multiple products An issue was discovered in SaltStack Salt before 3003.3. | 6.4 |