Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/salt@3003.3
Typepypi
Namespace
Namesalt
Version3003.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3005.2
Latest_non_vulnerable_version3007.9
Affected_by_vulnerabilities
0
url VCID-6y9z-4cqf-dbhh
vulnerability_id VCID-6y9z-4cqf-dbhh
summary Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-20897
reference_id
reference_type
scores
0
value 0.00154
scoring_system epss
scoring_elements 0.35811
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-20897
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-166.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-166.yaml
2
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
url https://github.com/saltstack/salt
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
4
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory
reference_id
reference_type
scores
url https://saltproject.io/security-announcements/2023-08-10-advisory
5
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://saltproject.io/security-announcements/2023-08-10-advisory/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-20897
reference_id CVE-2023-20897
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-20897
7
reference_url https://github.com/advisories/GHSA-vpjg-wmf8-29h9
reference_id GHSA-vpjg-wmf8-29h9
reference_type
scores
url https://github.com/advisories/GHSA-vpjg-wmf8-29h9
fixed_packages
0
url pkg:pypi/salt@3005.2
purl pkg:pypi/salt@3005.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3005.2
1
url pkg:pypi/salt@3006.2
purl pkg:pypi/salt@3006.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3006.2
aliases CVE-2023-20897, GHSA-vpjg-wmf8-29h9, PYSEC-2023-166
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6y9z-4cqf-dbhh
1
url VCID-r3m9-163d-myff
vulnerability_id VCID-r3m9-163d-myff
summary Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-20898
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25586
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-20898
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-169.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-169.yaml
2
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
url https://github.com/saltstack/salt
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
4
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory
reference_id
reference_type
scores
url https://saltproject.io/security-announcements/2023-08-10-advisory
5
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory/
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://saltproject.io/security-announcements/2023-08-10-advisory/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-20898
reference_id CVE-2023-20898
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-20898
7
reference_url https://github.com/advisories/GHSA-qvh6-3j7x-3hq7
reference_id GHSA-qvh6-3j7x-3hq7
reference_type
scores
url https://github.com/advisories/GHSA-qvh6-3j7x-3hq7
fixed_packages
0
url pkg:pypi/salt@3005.2
purl pkg:pypi/salt@3005.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3005.2
1
url pkg:pypi/salt@3006.2
purl pkg:pypi/salt@3006.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3006.2
aliases CVE-2023-20898, GHSA-qvh6-3j7x-3hq7, PYSEC-2023-169
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3m9-163d-myff
Fixing_vulnerabilities
0
url VCID-anh6-63ah-sfhj
vulnerability_id VCID-anh6-63ah-sfhj
summary An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21996
reference_id
reference_type
scores
0
value 0.02263
scoring_system epss
scoring_elements 0.849
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21996
1
reference_url https://github.com/advisories/GHSA-pf7h-h2wq-m7pg
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pf7h-h2wq-m7pg
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-318.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-318.yaml
3
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html
4
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
14
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
15
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
16
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202310-22
17
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
url https://www.debian.org/security/2021/dsa-5011
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21996
reference_id CVE-2021-21996
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-21996
fixed_packages
0
url pkg:pypi/salt@3003.3
purl pkg:pypi/salt@3003.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.3
aliases CVE-2021-21996, GHSA-pf7h-h2wq-m7pg, PYSEC-2021-318
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anh6-63ah-sfhj
1
url VCID-z6gy-m65u-wqgh
vulnerability_id VCID-z6gy-m65u-wqgh
summary An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22004
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.33826
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22004
1
reference_url https://github.com/advisories/GHSA-xf37-qcvf-7m57
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xf37-qcvf-7m57
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-346.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-346.yaml
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
9
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
10
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22004
reference_id CVE-2021-22004
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-22004
fixed_packages
0
url pkg:pypi/salt@3003.3
purl pkg:pypi/salt@3003.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.3
aliases CVE-2021-22004, GHSA-xf37-qcvf-7m57, PYSEC-2021-346
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6gy-m65u-wqgh
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.3