Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/salt@2018.2.0
Typepypi
Namespace
Namesalt
Version2018.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3005.2
Latest_non_vulnerable_version3007.9
Affected_by_vulnerabilities
0
url VCID-49dv-x94w-suda
vulnerability_id VCID-49dv-x94w-suda
summary An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3197
reference_id
reference_type
scores
0
value 0.09933
scoring_system epss
scoring_elements 0.9315
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3197
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-57.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-57.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2375
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2375
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L38
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L38
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L38
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
21
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
22
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
23
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
24
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3197
reference_id CVE-2021-3197
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3197
26
reference_url https://github.com/advisories/GHSA-8rp6-x3r7-5qw3
reference_id GHSA-8rp6-x3r7-5qw3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8rp6-x3r7-5qw3
27
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-3197, GHSA-8rp6-x3r7-5qw3, PYSEC-2021-57
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-49dv-x94w-suda
1
url VCID-9agn-habm-fkh7
vulnerability_id VCID-9agn-habm-fkh7
summary In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25592
reference_id
reference_type
scores
0
value 0.44938
scoring_system epss
scoring_elements 0.97645
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25592
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/index.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/index.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-106.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-106.yaml
6
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.7.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.7.rst#L12
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.5.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.5.rst#L12
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.3.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.3.rst#L12
10
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L14
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L14
11
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
14
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202011-13
15
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4837
16
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
17
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25592
reference_id CVE-2020-25592
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25592
19
reference_url https://github.com/advisories/GHSA-29j3-2446-5j4w
reference_id GHSA-29j3-2446-5j4w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-29j3-2446-5j4w
20
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2018.3.5
purl pkg:pypi/salt@2018.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-daqt-gz5r-hbfs
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-kpfs-vzc3-f3br
20
vulnerability VCID-n3sc-mzk3-n7cg
21
vulnerability VCID-n4vy-d4dh-x7gu
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.5
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.7
purl pkg:pypi/salt@2019.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.7
3
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
4
url pkg:pypi/salt@3000.5
purl pkg:pypi/salt@3000.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.5
5
url pkg:pypi/salt@3001.3
purl pkg:pypi/salt@3001.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.3
6
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-25592, GHSA-29j3-2446-5j4w, PYSEC-2020-106
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9agn-habm-fkh7
2
url VCID-bddr-7e3e-gfch
vulnerability_id VCID-bddr-7e3e-gfch
summary An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
references
0
reference_url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25281
reference_id
reference_type
scores
0
value 0.93846
scoring_system epss
scoring_elements 0.99873
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25281
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-50.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-50.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L28
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L28
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L28
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21
25
reference_url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id 7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25281
reference_id CVE-2021-25281
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25281
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
29
reference_url https://github.com/advisories/GHSA-xxw3-765m-f37p
reference_id GHSA-xxw3-765m-f37p
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxw3-765m-f37p
30
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25281, GHSA-xxw3-765m-f37p, PYSEC-2021-50
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bddr-7e3e-gfch
3
url VCID-dqnw-edrq-hka2
vulnerability_id VCID-dqnw-edrq-hka2
summary An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25283
reference_id
reference_type
scores
0
value 0.10038
scoring_system epss
scoring_elements 0.93194
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25283
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-52.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-52.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L34
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L34
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.5.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.5.rst#L12
6
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
7
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
17
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
18
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
19
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
20
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
21
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25283
reference_id CVE-2021-25283
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25283
23
reference_url https://github.com/advisories/GHSA-xgmh-gfxw-2hvv
reference_id GHSA-xgmh-gfxw-2hvv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xgmh-gfxw-2hvv
24
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25283, GHSA-xgmh-gfxw-2hvv, PYSEC-2021-52
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqnw-edrq-hka2
4
url VCID-eq7b-wcab-rqfq
vulnerability_id VCID-eq7b-wcab-rqfq
summary An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3148
reference_id
reference_type
scores
0
value 0.07332
scoring_system epss
scoring_elements 0.91814
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3148
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-55.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-55.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2374
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2374
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L23
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L23
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L23
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3148
reference_id CVE-2021-3148
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3148
25
reference_url https://github.com/advisories/GHSA-ghc2-hx3w-jqmp
reference_id GHSA-ghc2-hx3w-jqmp
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ghc2-hx3w-jqmp
26
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-3148, GHSA-ghc2-hx3w-jqmp, PYSEC-2021-55
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eq7b-wcab-rqfq
5
url VCID-fgrx-cjat-x7dc
vulnerability_id VCID-fgrx-cjat-x7dc
summary In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28972
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74394
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28972
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-74.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-74.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2358
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2358
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L14
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L14
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L14
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
18
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
20
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
21
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
22
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28972
reference_id CVE-2020-28972
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28972
24
reference_url https://github.com/advisories/GHSA-w589-r335-4f55
reference_id GHSA-w589-r335-4f55
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w589-r335-4f55
25
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2020-28972, GHSA-w589-r335-4f55, PYSEC-2021-74
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgrx-cjat-x7dc
6
url VCID-k7nb-cgu8-tye8
vulnerability_id VCID-k7nb-cgu8-tye8
summary An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28243
reference_id
reference_type
scores
0
value 0.01408
scoring_system epss
scoring_elements 0.808
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28243
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-73.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-73.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L12
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L12
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L12
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L12
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L12
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L12
7
reference_url https://github.com/stealthcopter/CVE-2020-28243
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/stealthcopter/CVE-2020-28243
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
9
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://sec.stealthcopter.com/cve-2020-28243/
reference_id
reference_type
scores
url https://sec.stealthcopter.com/cve-2020-28243/
22
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
23
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
24
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28243
reference_id CVE-2020-28243
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28243
26
reference_url https://sec.stealthcopter.com/cve-2020-28243
reference_id CVE-2020-28243
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://sec.stealthcopter.com/cve-2020-28243
27
reference_url https://github.com/advisories/GHSA-phhw-3wc9-8q75
reference_id GHSA-phhw-3wc9-8q75
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-phhw-3wc9-8q75
28
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2020-28243, GHSA-phhw-3wc9-8q75, PYSEC-2021-73
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7nb-cgu8-tye8
7
url VCID-kfjs-6e5q-j3aj
vulnerability_id VCID-kfjs-6e5q-j3aj
summary In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3144
reference_id
reference_type
scores
0
value 0.05481
scoring_system epss
scoring_elements 0.9035
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3144
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-54.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-54.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2373
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2373
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L26
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L26
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L26
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L26
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L26
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L26
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3144
reference_id CVE-2021-3144
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3144
25
reference_url https://github.com/advisories/GHSA-w2hr-3mc8-46gh
reference_id GHSA-w2hr-3mc8-46gh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2hr-3mc8-46gh
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-3144, GHSA-w2hr-3mc8-46gh, PYSEC-2021-54
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kfjs-6e5q-j3aj
8
url VCID-n3sc-mzk3-n7cg
vulnerability_id VCID-n3sc-mzk3-n7cg
summary An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
references
0
reference_url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25282
reference_id
reference_type
scores
0
value 0.91286
scoring_system epss
scoring_elements 0.9967
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25282
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-51.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-51.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L31
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L31
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L31
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
21
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
22
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
23
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
24
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25282
reference_id CVE-2021-25282
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25282
26
reference_url https://github.com/advisories/GHSA-76x4-x3p6-rpr9
reference_id GHSA-76x4-x3p6-rpr9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76x4-x3p6-rpr9
27
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25282, GHSA-76x4-x3p6-rpr9, PYSEC-2021-51
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3sc-mzk3-n7cg
9
url VCID-qupk-axwe-k7dq
vulnerability_id VCID-qupk-axwe-k7dq
summary An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16846
reference_id
reference_type
scores
0
value 0.94387
scoring_system epss
scoring_elements 0.99972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16846
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12
10
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://github.com/saltstack/salt/releases
11
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
12
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
16
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://security.gentoo.org/glsa/202011-13
17
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16846
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16846
18
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.debian.org/security/2021/dsa-4837
19
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
20
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
21
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1379
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1379
22
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1379/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1379/
23
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1380
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1380
24
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1380/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1380/
25
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1381
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1381
26
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1381/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1381/
27
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1382
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1382
28
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1382/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1382/
29
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1383
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1383
30
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1383/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1383/
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-16846
reference_id CVE-2020-16846
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-16846
32
reference_url https://github.com/advisories/GHSA-qr38-h96j-2j3w
reference_id GHSA-qr38-h96j-2j3w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qr38-h96j-2j3w
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
34
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
35
reference_url https://usn.ubuntu.com/7181-1/
reference_id USN-7181-1
reference_type
scores
url https://usn.ubuntu.com/7181-1/
fixed_packages
0
url pkg:pypi/salt@2018.3.5
purl pkg:pypi/salt@2018.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-daqt-gz5r-hbfs
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-kpfs-vzc3-f3br
20
vulnerability VCID-n3sc-mzk3-n7cg
21
vulnerability VCID-n4vy-d4dh-x7gu
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.5
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.6
purl pkg:pypi/salt@2019.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.6
3
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
4
url pkg:pypi/salt@3000.4
purl pkg:pypi/salt@3000.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.4
5
url pkg:pypi/salt@3001.2
purl pkg:pypi/salt@3001.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.2
6
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-16846, GHSA-qr38-h96j-2j3w, PYSEC-2020-104
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qupk-axwe-k7dq
10
url VCID-w6j4-qrr2-3qae
vulnerability_id VCID-w6j4-qrr2-3qae
summary In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35662
reference_id
reference_type
scores
0
value 0.0075
scoring_system epss
scoring_elements 0.73448
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35662
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-75.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-75.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L18
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L18
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L18
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L18
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L18
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L18
7
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
17
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
18
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
19
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://security.gentoo.org/glsa/202103-01
20
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://security.gentoo.org/glsa/202310-22
21
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://www.debian.org/security/2021/dsa-5011
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id 7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-35662
reference_id CVE-2020-35662
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-35662
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
25
reference_url https://github.com/advisories/GHSA-qx72-q6w3-qgc7
reference_id GHSA-qx72-q6w3-qgc7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qx72-q6w3-qgc7
26
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2020-35662, GHSA-qx72-q6w3-qgc7, PYSEC-2021-75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6j4-qrr2-3qae
11
url VCID-wvyr-dwg5-cya3
vulnerability_id VCID-wvyr-dwg5-cya3
summary An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25284
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05976
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25284
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-53.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-53.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L37
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L37
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L37
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L37
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L37
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L37
7
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
9
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25284
reference_id CVE-2021-25284
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25284
25
reference_url https://github.com/advisories/GHSA-r55w-xph5-xvx2
reference_id GHSA-r55w-xph5-xvx2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r55w-xph5-xvx2
26
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
3
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
4
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
5
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
6
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
7
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
8
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25284, GHSA-r55w-xph5-xvx2, PYSEC-2021-53
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyr-dwg5-cya3
12
url VCID-zhu7-et2m-nycg
vulnerability_id VCID-zhu7-et2m-nycg
summary The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17490
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14519
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17490
2
reference_url https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-105.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-105.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L13
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L13
10
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
13
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202011-13
14
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4837
15
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
16
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-17490
reference_id CVE-2020-17490
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-17490
18
reference_url https://github.com/advisories/GHSA-3c56-vx6v-q5vh
reference_id GHSA-3c56-vx6v-q5vh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3c56-vx6v-q5vh
19
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2018.3.5
purl pkg:pypi/salt@2018.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-daqt-gz5r-hbfs
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-kpfs-vzc3-f3br
20
vulnerability VCID-n3sc-mzk3-n7cg
21
vulnerability VCID-n4vy-d4dh-x7gu
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.5
1
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
2
url pkg:pypi/salt@2019.2.6
purl pkg:pypi/salt@2019.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.6
3
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
4
url pkg:pypi/salt@3000.4
purl pkg:pypi/salt@3000.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.4
5
url pkg:pypi/salt@3001.2
purl pkg:pypi/salt@3001.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.2
6
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-17490, GHSA-3c56-vx6v-q5vh, PYSEC-2020-105
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhu7-et2m-nycg
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.2.0