Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/salt@3000.0
Typepypi
Namespace
Namesalt
Version3000.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3005.2
Latest_non_vulnerable_version3007.9
Affected_by_vulnerabilities
0
url VCID-9agn-habm-fkh7
vulnerability_id VCID-9agn-habm-fkh7
summary In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25592
reference_id
reference_type
scores
0
value 0.44938
scoring_system epss
scoring_elements 0.97645
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25592
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/index.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/index.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-106.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-106.yaml
6
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.7.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.7.rst#L12
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.5.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.5.rst#L12
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.3.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.3.rst#L12
10
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L14
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L14
11
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
14
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202011-13
15
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4837
16
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
17
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25592
reference_id CVE-2020-25592
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25592
19
reference_url https://github.com/advisories/GHSA-29j3-2446-5j4w
reference_id GHSA-29j3-2446-5j4w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-29j3-2446-5j4w
20
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
1
url pkg:pypi/salt@3000.5
purl pkg:pypi/salt@3000.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.5
2
url pkg:pypi/salt@3001.3
purl pkg:pypi/salt@3001.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.3
3
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-25592, GHSA-29j3-2446-5j4w, PYSEC-2020-106
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9agn-habm-fkh7
1
url VCID-qupk-axwe-k7dq
vulnerability_id VCID-qupk-axwe-k7dq
summary An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16846
reference_id
reference_type
scores
0
value 0.94387
scoring_system epss
scoring_elements 0.99972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16846
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12
10
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://github.com/saltstack/salt/releases
11
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
12
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
16
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://security.gentoo.org/glsa/202011-13
17
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16846
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16846
18
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.debian.org/security/2021/dsa-4837
19
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
20
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
21
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1379
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1379
22
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1379/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1379/
23
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1380
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1380
24
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1380/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1380/
25
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1381
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1381
26
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1381/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1381/
27
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1382
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1382
28
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1382/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1382/
29
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1383
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1383
30
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1383/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1383/
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-16846
reference_id CVE-2020-16846
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-16846
32
reference_url https://github.com/advisories/GHSA-qr38-h96j-2j3w
reference_id GHSA-qr38-h96j-2j3w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qr38-h96j-2j3w
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
34
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
35
reference_url https://usn.ubuntu.com/7181-1/
reference_id USN-7181-1
reference_type
scores
url https://usn.ubuntu.com/7181-1/
fixed_packages
0
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
1
url pkg:pypi/salt@3000.4
purl pkg:pypi/salt@3000.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.4
2
url pkg:pypi/salt@3001.2
purl pkg:pypi/salt@3001.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.2
3
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-16846, GHSA-qr38-h96j-2j3w, PYSEC-2020-104
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qupk-axwe-k7dq
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.0