Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/salt@2016.11.2
Typepypi
Namespace
Namesalt
Version2016.11.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3005.2
Latest_non_vulnerable_version3007.9
Affected_by_vulnerabilities
0
url VCID-15a9-6v52-mbhm
vulnerability_id VCID-15a9-6v52-mbhm
summary Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14695
reference_id
reference_type
scores
0
value 0.00331
scoring_system epss
scoring_elements 0.56246
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14695
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500748
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1500748
4
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html
5
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html
6
reference_url https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-36.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-36.yaml
9
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
10
reference_url https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14695
reference_id CVE-2017-14695
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-14695
12
reference_url https://github.com/advisories/GHSA-j6gj-pg62-x8j6
reference_id GHSA-j6gj-pg62-x8j6
reference_type
scores
url https://github.com/advisories/GHSA-j6gj-pg62-x8j6
13
reference_url https://usn.ubuntu.com/USN-4769-1/
reference_id USN-USN-4769-1
reference_type
scores
url https://usn.ubuntu.com/USN-4769-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.8
purl pkg:pypi/salt@2016.11.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9agn-habm-fkh7
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-anh6-63ah-sfhj
10
vulnerability VCID-bddr-7e3e-gfch
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dqnw-edrq-hka2
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-eq7b-wcab-rqfq
16
vulnerability VCID-fgrx-cjat-x7dc
17
vulnerability VCID-fm6f-fxrk-hqe2
18
vulnerability VCID-hzv7-m2fc-4uej
19
vulnerability VCID-jn54-7udz-8ydy
20
vulnerability VCID-k7nb-cgu8-tye8
21
vulnerability VCID-kfjs-6e5q-j3aj
22
vulnerability VCID-kpfs-vzc3-f3br
23
vulnerability VCID-n3sc-mzk3-n7cg
24
vulnerability VCID-n4vy-d4dh-x7gu
25
vulnerability VCID-qupk-axwe-k7dq
26
vulnerability VCID-qvxh-acut-7qhb
27
vulnerability VCID-r3m9-163d-myff
28
vulnerability VCID-w6j4-qrr2-3qae
29
vulnerability VCID-wvyr-dwg5-cya3
30
vulnerability VCID-z2wc-w8ae-q3a9
31
vulnerability VCID-z6gy-m65u-wqgh
32
vulnerability VCID-zc1e-1a3m-87c3
33
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.8
1
url pkg:pypi/salt@2017.7.2
purl pkg:pypi/salt@2017.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9agn-habm-fkh7
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-anh6-63ah-sfhj
10
vulnerability VCID-bddr-7e3e-gfch
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dqnw-edrq-hka2
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-eq7b-wcab-rqfq
16
vulnerability VCID-fgrx-cjat-x7dc
17
vulnerability VCID-fm6f-fxrk-hqe2
18
vulnerability VCID-hzv7-m2fc-4uej
19
vulnerability VCID-jn54-7udz-8ydy
20
vulnerability VCID-k7nb-cgu8-tye8
21
vulnerability VCID-kfjs-6e5q-j3aj
22
vulnerability VCID-kpfs-vzc3-f3br
23
vulnerability VCID-n3sc-mzk3-n7cg
24
vulnerability VCID-n4vy-d4dh-x7gu
25
vulnerability VCID-qupk-axwe-k7dq
26
vulnerability VCID-qvxh-acut-7qhb
27
vulnerability VCID-r3m9-163d-myff
28
vulnerability VCID-w6j4-qrr2-3qae
29
vulnerability VCID-wvyr-dwg5-cya3
30
vulnerability VCID-z2wc-w8ae-q3a9
31
vulnerability VCID-z6gy-m65u-wqgh
32
vulnerability VCID-zc1e-1a3m-87c3
33
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.2
aliases CVE-2017-14695, GHSA-j6gj-pg62-x8j6, PYSEC-2017-36
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15a9-6v52-mbhm
1
url VCID-2db5-ek61-2bdx
vulnerability_id VCID-2db5-ek61-2bdx
summary Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-15750
reference_id
reference_type
scores
0
value 0.00912
scoring_system epss
scoring_elements 0.76196
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-15750
2
reference_url https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2018-29.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2018-29.yaml
6
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2016.11.10.rst#L15
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2016.11.10.rst#L15
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2017.7.8.rst#L28
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2017.7.8.rst#L28
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2018.3.3.rst#L58
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2018.3.3.rst#L58
10
reference_url https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ
11
reference_url https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ
12
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html
13
reference_url https://usn.ubuntu.com/4459-1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4459-1
14
reference_url https://usn.ubuntu.com/4459-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4459-1/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-15750
reference_id CVE-2018-15750
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-15750
16
reference_url https://github.com/advisories/GHSA-jx34-pppm-gjvr
reference_id GHSA-jx34-pppm-gjvr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx34-pppm-gjvr
17
reference_url https://usn.ubuntu.com/USN-4769-1/
reference_id USN-USN-4769-1
reference_type
scores
url https://usn.ubuntu.com/USN-4769-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
1
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
2
url pkg:pypi/salt@2018.3.3
purl pkg:pypi/salt@2018.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-k7nb-cgu8-tye8
19
vulnerability VCID-kfjs-6e5q-j3aj
20
vulnerability VCID-kpfs-vzc3-f3br
21
vulnerability VCID-n3sc-mzk3-n7cg
22
vulnerability VCID-n4vy-d4dh-x7gu
23
vulnerability VCID-qupk-axwe-k7dq
24
vulnerability VCID-qvxh-acut-7qhb
25
vulnerability VCID-r3m9-163d-myff
26
vulnerability VCID-w6j4-qrr2-3qae
27
vulnerability VCID-wvyr-dwg5-cya3
28
vulnerability VCID-z2wc-w8ae-q3a9
29
vulnerability VCID-z6gy-m65u-wqgh
30
vulnerability VCID-zc1e-1a3m-87c3
31
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.3
aliases CVE-2018-15750, GHSA-jx34-pppm-gjvr, PYSEC-2018-29
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2db5-ek61-2bdx
2
url VCID-35um-xhk7-5yeg
vulnerability_id VCID-35um-xhk7-5yeg
summary SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2017-10/msg00073.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2017-10/msg00075.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14696
reference_id
reference_type
scores
0
value 0.01854
scoring_system epss
scoring_elements 0.83344
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14696
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500742
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1500742
4
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2016.11.8.html
5
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2016.3.8.html
6
reference_url https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-37.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-37.yaml
9
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
10
reference_url https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14696
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-14696
12
reference_url https://usn.ubuntu.com/USN-4769-1/
reference_id USN-USN-4769-1
reference_type
scores
url https://usn.ubuntu.com/USN-4769-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.8
purl pkg:pypi/salt@2016.11.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9agn-habm-fkh7
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-anh6-63ah-sfhj
10
vulnerability VCID-bddr-7e3e-gfch
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dqnw-edrq-hka2
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-eq7b-wcab-rqfq
16
vulnerability VCID-fgrx-cjat-x7dc
17
vulnerability VCID-fm6f-fxrk-hqe2
18
vulnerability VCID-hzv7-m2fc-4uej
19
vulnerability VCID-jn54-7udz-8ydy
20
vulnerability VCID-k7nb-cgu8-tye8
21
vulnerability VCID-kfjs-6e5q-j3aj
22
vulnerability VCID-kpfs-vzc3-f3br
23
vulnerability VCID-n3sc-mzk3-n7cg
24
vulnerability VCID-n4vy-d4dh-x7gu
25
vulnerability VCID-qupk-axwe-k7dq
26
vulnerability VCID-qvxh-acut-7qhb
27
vulnerability VCID-r3m9-163d-myff
28
vulnerability VCID-w6j4-qrr2-3qae
29
vulnerability VCID-wvyr-dwg5-cya3
30
vulnerability VCID-z2wc-w8ae-q3a9
31
vulnerability VCID-z6gy-m65u-wqgh
32
vulnerability VCID-zc1e-1a3m-87c3
33
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.8
1
url pkg:pypi/salt@2017.7.2
purl pkg:pypi/salt@2017.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9agn-habm-fkh7
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-anh6-63ah-sfhj
10
vulnerability VCID-bddr-7e3e-gfch
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dqnw-edrq-hka2
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-eq7b-wcab-rqfq
16
vulnerability VCID-fgrx-cjat-x7dc
17
vulnerability VCID-fm6f-fxrk-hqe2
18
vulnerability VCID-hzv7-m2fc-4uej
19
vulnerability VCID-jn54-7udz-8ydy
20
vulnerability VCID-k7nb-cgu8-tye8
21
vulnerability VCID-kfjs-6e5q-j3aj
22
vulnerability VCID-kpfs-vzc3-f3br
23
vulnerability VCID-n3sc-mzk3-n7cg
24
vulnerability VCID-n4vy-d4dh-x7gu
25
vulnerability VCID-qupk-axwe-k7dq
26
vulnerability VCID-qvxh-acut-7qhb
27
vulnerability VCID-r3m9-163d-myff
28
vulnerability VCID-w6j4-qrr2-3qae
29
vulnerability VCID-wvyr-dwg5-cya3
30
vulnerability VCID-z2wc-w8ae-q3a9
31
vulnerability VCID-z6gy-m65u-wqgh
32
vulnerability VCID-zc1e-1a3m-87c3
33
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.2
aliases CVE-2017-14696, GHSA-657p-cj5r-mjrh, PYSEC-2017-37
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35um-xhk7-5yeg
3
url VCID-3qku-wmk8-5bg1
vulnerability_id VCID-3qku-wmk8-5bg1
summary An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22967
reference_id
reference_type
scores
0
value 0.00504
scoring_system epss
scoring_elements 0.66481
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22967
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/advisories/GHSA-fpxm-fprw-6hxj
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fpxm-fprw-6hxj
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-210.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-210.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://repo.saltproject.io
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://repo.saltproject.io
6
reference_url https://repo.saltproject.io/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:14Z/
url https://repo.saltproject.io/
7
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/,
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/,
8
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:14Z/
url https://security.gentoo.org/glsa/202310-22
9
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C
reference_id %2C
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:14Z/
url https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22967
reference_id CVE-2022-22967
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22967
fixed_packages
0
url pkg:pypi/salt@3002.9
purl pkg:pypi/salt@3002.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5s8t-r4qa-yfb7
1
vulnerability VCID-6y9z-4cqf-dbhh
2
vulnerability VCID-anh6-63ah-sfhj
3
vulnerability VCID-dttu-htyd-tkcc
4
vulnerability VCID-r3m9-163d-myff
5
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.9
1
url pkg:pypi/salt@3003.5
purl pkg:pypi/salt@3003.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.5
2
url pkg:pypi/salt@3004.2
purl pkg:pypi/salt@3004.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3004.2
aliases CVE-2022-22967, GHSA-fpxm-fprw-6hxj, PYSEC-2022-210
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3qku-wmk8-5bg1
4
url VCID-49dv-x94w-suda
vulnerability_id VCID-49dv-x94w-suda
summary An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3197
reference_id
reference_type
scores
0
value 0.09933
scoring_system epss
scoring_elements 0.9315
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3197
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-57.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-57.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2375
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2375
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L38
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L38
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L38
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L38
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
21
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
22
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
23
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
24
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3197
reference_id CVE-2021-3197
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3197
26
reference_url https://github.com/advisories/GHSA-8rp6-x3r7-5qw3
reference_id GHSA-8rp6-x3r7-5qw3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8rp6-x3r7-5qw3
27
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-3197, GHSA-8rp6-x3r7-5qw3, PYSEC-2021-57
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-49dv-x94w-suda
5
url VCID-5s8t-r4qa-yfb7
vulnerability_id VCID-5s8t-r4qa-yfb7
summary In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function (which executes popen unsafely).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-31607
reference_id
reference_type
scores
0
value 0.04548
scoring_system epss
scoring_elements 0.89361
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-31607
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/advisories/GHSA-hcjf-rp5h-g5h3
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hcjf-rp5h-g5h3
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-56.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-56.yaml
4
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
14
reference_url https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion
15
reference_url https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/
reference_id
reference_type
scores
url https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/
16
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
17
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-31607
reference_id CVE-2021-31607
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-31607
fixed_packages
0
url pkg:pypi/salt@3003rc1
purl pkg:pypi/salt@3003rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-anh6-63ah-sfhj
2
vulnerability VCID-dttu-htyd-tkcc
3
vulnerability VCID-r3m9-163d-myff
4
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003rc1
aliases CVE-2021-31607, GHSA-hcjf-rp5h-g5h3, PYSEC-2021-56
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5s8t-r4qa-yfb7
6
url VCID-6y9z-4cqf-dbhh
vulnerability_id VCID-6y9z-4cqf-dbhh
summary Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-20897
reference_id
reference_type
scores
0
value 0.00154
scoring_system epss
scoring_elements 0.35811
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-20897
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-166.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-166.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
5
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security-announcements/2023-08-10-advisory
6
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-30T17:24:32Z/
url https://saltproject.io/security-announcements/2023-08-10-advisory/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-20897
reference_id CVE-2023-20897
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-20897
8
reference_url https://github.com/advisories/GHSA-vpjg-wmf8-29h9
reference_id GHSA-vpjg-wmf8-29h9
reference_type
scores
url https://github.com/advisories/GHSA-vpjg-wmf8-29h9
9
reference_url https://security.gentoo.org/glsa/202412-09
reference_id GLSA-202412-09
reference_type
scores
url https://security.gentoo.org/glsa/202412-09
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
reference_id OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-30T17:24:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
fixed_packages
0
url pkg:pypi/salt@3005.2
purl pkg:pypi/salt@3005.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3005.2
1
url pkg:pypi/salt@3006.2
purl pkg:pypi/salt@3006.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3006.2
aliases CVE-2023-20897, GHSA-vpjg-wmf8-29h9, PYSEC-2023-166
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6y9z-4cqf-dbhh
7
url VCID-7qmj-yzm7-yfhs
vulnerability_id VCID-7qmj-yzm7-yfhs
summary An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22935
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21565
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22935
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-172.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-172.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L31
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L31
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L29
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L29
7
reference_url https://github.com/saltstack/salt/releases,
reference_id
reference_type
scores
url https://github.com/saltstack/salt/releases,
8
reference_url https://repo.saltproject.io/
reference_id
reference_type
scores
url https://repo.saltproject.io/
9
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/salt-security-advisory-release
10
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release/,
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-release/,
11
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22935
reference_id CVE-2022-22935
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22935
13
reference_url https://github.com/advisories/GHSA-cvcc-5x92-gmhc
reference_id GHSA-cvcc-5x92-gmhc
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvcc-5x92-gmhc
fixed_packages
0
url pkg:pypi/salt@3002.8
purl pkg:pypi/salt@3002.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-anh6-63ah-sfhj
4
vulnerability VCID-dttu-htyd-tkcc
5
vulnerability VCID-r3m9-163d-myff
6
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.8
1
url pkg:pypi/salt@3003.4
purl pkg:pypi/salt@3003.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.4
2
url pkg:pypi/salt@3004.1
purl pkg:pypi/salt@3004.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3004.1
aliases CVE-2022-22935, GHSA-cvcc-5x92-gmhc, PYSEC-2022-172
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7qmj-yzm7-yfhs
8
url VCID-84t6-tnd4-r3gq
vulnerability_id VCID-84t6-tnd4-r3gq
summary An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22936
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28645
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22936
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-173.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-173.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L32
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L32
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L30
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L30
7
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
8
reference_url https://github.com/saltstack/salt/releases,
reference_id
reference_type
scores
url https://github.com/saltstack/salt/releases,
9
reference_url https://repo.saltproject.io
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://repo.saltproject.io
10
reference_url https://repo.saltproject.io/
reference_id
reference_type
scores
url https://repo.saltproject.io/
11
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/salt-security-advisory-release
12
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release/,
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-release/,
13
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22936
reference_id CVE-2022-22936
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22936
15
reference_url https://github.com/advisories/GHSA-5r3f-3m3j-wcj2
reference_id GHSA-5r3f-3m3j-wcj2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5r3f-3m3j-wcj2
fixed_packages
0
url pkg:pypi/salt@3002.8
purl pkg:pypi/salt@3002.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-anh6-63ah-sfhj
4
vulnerability VCID-dttu-htyd-tkcc
5
vulnerability VCID-r3m9-163d-myff
6
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.8
1
url pkg:pypi/salt@3003.4
purl pkg:pypi/salt@3003.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.4
2
url pkg:pypi/salt@3004.1
purl pkg:pypi/salt@3004.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3004.1
aliases CVE-2022-22936, GHSA-5r3f-3m3j-wcj2, PYSEC-2022-173
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84t6-tnd4-r3gq
9
url VCID-9agn-habm-fkh7
vulnerability_id VCID-9agn-habm-fkh7
summary In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25592
reference_id
reference_type
scores
0
value 0.44938
scoring_system epss
scoring_elements 0.97645
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25592
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/index.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/index.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-106.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-106.yaml
6
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.7.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.7.rst#L12
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.5.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.5.rst#L12
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.3.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.3.rst#L12
10
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L14
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L14
11
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
14
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202011-13
15
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4837
16
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
17
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25592
reference_id CVE-2020-25592
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25592
19
reference_url https://github.com/advisories/GHSA-29j3-2446-5j4w
reference_id GHSA-29j3-2446-5j4w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-29j3-2446-5j4w
20
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.6
purl pkg:pypi/salt@2016.11.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qvxh-acut-7qhb
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-z2wc-w8ae-q3a9
22
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.6
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.4
purl pkg:pypi/salt@2017.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-fm6f-fxrk-hqe2
17
vulnerability VCID-hzv7-m2fc-4uej
18
vulnerability VCID-jn54-7udz-8ydy
19
vulnerability VCID-k7nb-cgu8-tye8
20
vulnerability VCID-kfjs-6e5q-j3aj
21
vulnerability VCID-kpfs-vzc3-f3br
22
vulnerability VCID-n3sc-mzk3-n7cg
23
vulnerability VCID-n4vy-d4dh-x7gu
24
vulnerability VCID-qvxh-acut-7qhb
25
vulnerability VCID-r3m9-163d-myff
26
vulnerability VCID-w6j4-qrr2-3qae
27
vulnerability VCID-wvyr-dwg5-cya3
28
vulnerability VCID-z2wc-w8ae-q3a9
29
vulnerability VCID-z6gy-m65u-wqgh
30
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.4
4
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
5
url pkg:pypi/salt@2018.3.5
purl pkg:pypi/salt@2018.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-daqt-gz5r-hbfs
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-kpfs-vzc3-f3br
20
vulnerability VCID-n3sc-mzk3-n7cg
21
vulnerability VCID-n4vy-d4dh-x7gu
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.5
6
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
7
url pkg:pypi/salt@2019.2.7
purl pkg:pypi/salt@2019.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.7
8
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
9
url pkg:pypi/salt@3000.5
purl pkg:pypi/salt@3000.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.5
10
url pkg:pypi/salt@3001.3
purl pkg:pypi/salt@3001.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.3
11
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-25592, GHSA-29j3-2446-5j4w, PYSEC-2020-106
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9agn-habm-fkh7
10
url VCID-9cpe-uywb-zfbc
vulnerability_id VCID-9cpe-uywb-zfbc
summary An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Salt Masters do not sign pillar data with the minion’s public key, which can result in attackers substituting arbitrary pillar data.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22934
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.3065
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22934
1
reference_url https://blog.cloudflare.com/future-proofing-saltstack
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.cloudflare.com/future-proofing-saltstack
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-171.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-171.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
6
reference_url https://github.com/saltstack/salt/releases,
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases,
7
reference_url https://repo.saltproject.io
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://repo.saltproject.io
8
reference_url https://repo.saltproject.io/
reference_id
reference_type
scores
url https://repo.saltproject.io/
9
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release/,
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/salt-security-advisory-release/,
10
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22934
reference_id CVE-2022-22934
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22934
12
reference_url https://github.com/advisories/GHSA-2q4g-wfm6-5fpm
reference_id GHSA-2q4g-wfm6-5fpm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2q4g-wfm6-5fpm
fixed_packages
0
url pkg:pypi/salt@3002.8
purl pkg:pypi/salt@3002.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-anh6-63ah-sfhj
4
vulnerability VCID-dttu-htyd-tkcc
5
vulnerability VCID-r3m9-163d-myff
6
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.8
1
url pkg:pypi/salt@3003.4
purl pkg:pypi/salt@3003.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.4
2
url pkg:pypi/salt@3004.1
purl pkg:pypi/salt@3004.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3004.1
aliases CVE-2022-22934, GHSA-2q4g-wfm6-5fpm, PYSEC-2022-171
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9cpe-uywb-zfbc
11
url VCID-a5sa-utfb-yyc6
vulnerability_id VCID-a5sa-utfb-yyc6
summary Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12791
reference_id
reference_type
scores
0
value 0.00924
scoring_system epss
scoring_elements 0.76351
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12791
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872399
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1482006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1482006
3
reference_url https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html
4
reference_url https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2017.7.1.html
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-151.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-151.yaml
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-35.yaml
8
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
9
reference_url https://github.com/saltstack/salt/pull/42944
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/pull/42944
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12791
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12791
11
reference_url http://www.securityfocus.com/bid/100384
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url http://www.securityfocus.com/bid/100384
12
reference_url https://usn.ubuntu.com/USN-4769-1/
reference_id USN-USN-4769-1
reference_type
scores
url https://usn.ubuntu.com/USN-4769-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.7
purl pkg:pypi/salt@2016.11.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-5s8t-r4qa-yfb7
6
vulnerability VCID-6y9z-4cqf-dbhh
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-bddr-7e3e-gfch
13
vulnerability VCID-c3tf-kuxu-euaz
14
vulnerability VCID-daqt-gz5r-hbfs
15
vulnerability VCID-dqnw-edrq-hka2
16
vulnerability VCID-dttu-htyd-tkcc
17
vulnerability VCID-eq7b-wcab-rqfq
18
vulnerability VCID-fgrx-cjat-x7dc
19
vulnerability VCID-fm6f-fxrk-hqe2
20
vulnerability VCID-hzv7-m2fc-4uej
21
vulnerability VCID-jn54-7udz-8ydy
22
vulnerability VCID-k7nb-cgu8-tye8
23
vulnerability VCID-kfjs-6e5q-j3aj
24
vulnerability VCID-kpfs-vzc3-f3br
25
vulnerability VCID-n3sc-mzk3-n7cg
26
vulnerability VCID-n4vy-d4dh-x7gu
27
vulnerability VCID-qupk-axwe-k7dq
28
vulnerability VCID-qvxh-acut-7qhb
29
vulnerability VCID-r3m9-163d-myff
30
vulnerability VCID-w6j4-qrr2-3qae
31
vulnerability VCID-wvyr-dwg5-cya3
32
vulnerability VCID-z2wc-w8ae-q3a9
33
vulnerability VCID-z6gy-m65u-wqgh
34
vulnerability VCID-zc1e-1a3m-87c3
35
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.7
1
url pkg:pypi/salt@2017.7.1
purl pkg:pypi/salt@2017.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-5s8t-r4qa-yfb7
6
vulnerability VCID-6y9z-4cqf-dbhh
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-bddr-7e3e-gfch
13
vulnerability VCID-c3tf-kuxu-euaz
14
vulnerability VCID-daqt-gz5r-hbfs
15
vulnerability VCID-dqnw-edrq-hka2
16
vulnerability VCID-dttu-htyd-tkcc
17
vulnerability VCID-eq7b-wcab-rqfq
18
vulnerability VCID-fgrx-cjat-x7dc
19
vulnerability VCID-fm6f-fxrk-hqe2
20
vulnerability VCID-hzv7-m2fc-4uej
21
vulnerability VCID-jn54-7udz-8ydy
22
vulnerability VCID-k7nb-cgu8-tye8
23
vulnerability VCID-kfjs-6e5q-j3aj
24
vulnerability VCID-kpfs-vzc3-f3br
25
vulnerability VCID-n3sc-mzk3-n7cg
26
vulnerability VCID-n4vy-d4dh-x7gu
27
vulnerability VCID-qupk-axwe-k7dq
28
vulnerability VCID-qvxh-acut-7qhb
29
vulnerability VCID-r3m9-163d-myff
30
vulnerability VCID-w6j4-qrr2-3qae
31
vulnerability VCID-wvyr-dwg5-cya3
32
vulnerability VCID-z2wc-w8ae-q3a9
33
vulnerability VCID-z6gy-m65u-wqgh
34
vulnerability VCID-zc1e-1a3m-87c3
35
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.1
aliases CVE-2017-12791, GHSA-xxvj-8g5m-4qgw, PYSEC-2017-151, PYSEC-2017-35
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5sa-utfb-yyc6
12
url VCID-anh6-63ah-sfhj
vulnerability_id VCID-anh6-63ah-sfhj
summary An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21996
reference_id
reference_type
scores
0
value 0.02263
scoring_system epss
scoring_elements 0.849
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21996
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/advisories/GHSA-pf7h-h2wq-m7pg
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pf7h-h2wq-m7pg
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-318.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-318.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00017.html
6
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00019.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
16
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
17
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
18
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
19
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21996
reference_id CVE-2021-21996
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21996
fixed_packages
0
url pkg:pypi/salt@3003.3
purl pkg:pypi/salt@3003.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.3
aliases CVE-2021-21996, GHSA-pf7h-h2wq-m7pg, PYSEC-2021-318
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anh6-63ah-sfhj
13
url VCID-bddr-7e3e-gfch
vulnerability_id VCID-bddr-7e3e-gfch
summary An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
references
0
reference_url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25281
reference_id
reference_type
scores
0
value 0.93846
scoring_system epss
scoring_elements 0.99873
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25281
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-50.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-50.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L28
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L28
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L28
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L28
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21
25
reference_url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id 7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25281
reference_id CVE-2021-25281
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25281
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
29
reference_url https://github.com/advisories/GHSA-xxw3-765m-f37p
reference_id GHSA-xxw3-765m-f37p
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxw3-765m-f37p
30
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T15:42:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25281, GHSA-xxw3-765m-f37p, PYSEC-2021-50
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bddr-7e3e-gfch
14
url VCID-c3tf-kuxu-euaz
vulnerability_id VCID-c3tf-kuxu-euaz
summary CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25315
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.35717
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25315
1
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1182382
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1182382
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-891.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-891.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25315
reference_id CVE-2021-25315
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25315
6
reference_url https://github.com/advisories/GHSA-pmj6-9f8c-8g2m
reference_id GHSA-pmj6-9f8c-8g2m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pmj6-9f8c-8g2m
fixed_packages
0
url pkg:pypi/salt@3002.2
purl pkg:pypi/salt@3002.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.2
aliases CVE-2021-25315, GHSA-pmj6-9f8c-8g2m, PYSEC-2021-891
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3tf-kuxu-euaz
15
url VCID-daqt-gz5r-hbfs
vulnerability_id VCID-daqt-gz5r-hbfs
summary An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
2
reference_url http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
3
reference_url http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11652
reference_id
reference_type
scores
0
value 0.93683
scoring_system epss
scoring_elements 0.99854
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11652
5
reference_url https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-103.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-103.yaml
8
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
9
reference_url https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
10
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11652
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11652
12
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG
13
reference_url http://support.blackberry.com/kb/articleDetail?articleNumber=000063758
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url http://support.blackberry.com/kb/articleDetail?articleNumber=000063758
14
reference_url https://usn.ubuntu.com/4459-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4459-1
15
reference_url https://usn.ubuntu.com/4459-1/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url https://usn.ubuntu.com/4459-1/
16
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11652
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11652
17
reference_url https://www.debian.org/security/2020/dsa-4676
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url https://www.debian.org/security/2020/dsa-4676
18
reference_url http://www.vmware.com/security/advisories/VMSA-2020-0009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:54:22Z/
url http://www.vmware.com/security/advisories/VMSA-2020-0009.html
19
reference_url https://usn.ubuntu.com/6849-1/
reference_id USN-6849-1
reference_type
scores
url https://usn.ubuntu.com/6849-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.4
purl pkg:pypi/salt@2019.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-k7nb-cgu8-tye8
16
vulnerability VCID-kfjs-6e5q-j3aj
17
vulnerability VCID-n3sc-mzk3-n7cg
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qupk-axwe-k7dq
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-w6j4-qrr2-3qae
22
vulnerability VCID-wvyr-dwg5-cya3
23
vulnerability VCID-z6gy-m65u-wqgh
24
vulnerability VCID-zc1e-1a3m-87c3
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.4
1
url pkg:pypi/salt@3000.2
purl pkg:pypi/salt@3000.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-k7nb-cgu8-tye8
16
vulnerability VCID-kfjs-6e5q-j3aj
17
vulnerability VCID-n3sc-mzk3-n7cg
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qupk-axwe-k7dq
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-w6j4-qrr2-3qae
22
vulnerability VCID-wvyr-dwg5-cya3
23
vulnerability VCID-z6gy-m65u-wqgh
24
vulnerability VCID-zc1e-1a3m-87c3
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.2
aliases CVE-2020-11652, GHSA-vp49-2g4r-m3x3, PYSEC-2020-103
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-daqt-gz5r-hbfs
16
url VCID-dqnw-edrq-hka2
vulnerability_id VCID-dqnw-edrq-hka2
summary An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25283
reference_id
reference_type
scores
0
value 0.10038
scoring_system epss
scoring_elements 0.93194
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25283
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-52.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-52.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L34
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L34
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.5.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.5.rst#L12
6
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
7
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
17
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
18
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
19
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
20
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
21
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25283
reference_id CVE-2021-25283
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25283
23
reference_url https://github.com/advisories/GHSA-xgmh-gfxw-2hvv
reference_id GHSA-xgmh-gfxw-2hvv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xgmh-gfxw-2hvv
24
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25283, GHSA-xgmh-gfxw-2hvv, PYSEC-2021-52
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqnw-edrq-hka2
17
url VCID-dttu-htyd-tkcc
vulnerability_id VCID-dttu-htyd-tkcc
summary Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33226
reference_id
reference_type
scores
0
value 0.04007
scoring_system epss
scoring_elements 0.88635
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33226
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/saltstack/salt/blob/master/salt/modules/status.py
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-18T19:05:32Z/
url https://github.com/saltstack/salt/blob/master/salt/modules/status.py
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33226
reference_id CVE-2021-33226
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-33226
4
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1208473
reference_id show_bug.cgi?id=1208473
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-18T19:05:32Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1208473
fixed_packages
0
url pkg:pypi/salt@3003.1
purl pkg:pypi/salt@3003.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-anh6-63ah-sfhj
2
vulnerability VCID-r3m9-163d-myff
3
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.1
aliases CVE-2021-33226, PYSEC-2023-47
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dttu-htyd-tkcc
18
url VCID-eq7b-wcab-rqfq
vulnerability_id VCID-eq7b-wcab-rqfq
summary An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3148
reference_id
reference_type
scores
0
value 0.07332
scoring_system epss
scoring_elements 0.91814
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3148
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-55.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-55.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2374
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2374
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L23
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L23
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L23
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L23
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3148
reference_id CVE-2021-3148
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3148
25
reference_url https://github.com/advisories/GHSA-ghc2-hx3w-jqmp
reference_id GHSA-ghc2-hx3w-jqmp
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ghc2-hx3w-jqmp
26
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-3148, GHSA-ghc2-hx3w-jqmp, PYSEC-2021-55
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eq7b-wcab-rqfq
19
url VCID-fgrx-cjat-x7dc
vulnerability_id VCID-fgrx-cjat-x7dc
summary In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28972
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74394
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28972
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-74.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-74.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2358
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2358
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L14
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L14
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L14
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
18
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
20
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
21
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
22
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28972
reference_id CVE-2020-28972
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28972
24
reference_url https://github.com/advisories/GHSA-w589-r335-4f55
reference_id GHSA-w589-r335-4f55
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w589-r335-4f55
25
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2020-28972, GHSA-w589-r335-4f55, PYSEC-2021-74
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgrx-cjat-x7dc
20
url VCID-fm6f-fxrk-hqe2
vulnerability_id VCID-fm6f-fxrk-hqe2
summary SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-15751
reference_id
reference_type
scores
0
value 0.00556
scoring_system epss
scoring_elements 0.68445
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-15751
2
reference_url https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2018-30.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2018-30.yaml
6
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2016.11.10.rst#L13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2016.11.10.rst#L13
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2017.7.8.rst#L26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2017.7.8.rst#L26
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2018.3.3.rst#L56
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2018.3.3.rst#L56
10
reference_url https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/salt-users/dimVF7rpphY/jn3Xv3MbBQAJ
11
reference_url https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/salt-users/L9xqcJ0UXxs/qgDj42obBQAJ
12
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/07/msg00024.html
13
reference_url https://usn.ubuntu.com/4459-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4459-1
14
reference_url https://usn.ubuntu.com/4459-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4459-1/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-15751
reference_id CVE-2018-15751
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-15751
16
reference_url https://github.com/advisories/GHSA-x549-r7m8-gv63
reference_id GHSA-x549-r7m8-gv63
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x549-r7m8-gv63
17
reference_url https://usn.ubuntu.com/USN-4769-1/
reference_id USN-USN-4769-1
reference_type
scores
url https://usn.ubuntu.com/USN-4769-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
1
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
2
url pkg:pypi/salt@2018.3.3
purl pkg:pypi/salt@2018.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-k7nb-cgu8-tye8
19
vulnerability VCID-kfjs-6e5q-j3aj
20
vulnerability VCID-kpfs-vzc3-f3br
21
vulnerability VCID-n3sc-mzk3-n7cg
22
vulnerability VCID-n4vy-d4dh-x7gu
23
vulnerability VCID-qupk-axwe-k7dq
24
vulnerability VCID-qvxh-acut-7qhb
25
vulnerability VCID-r3m9-163d-myff
26
vulnerability VCID-w6j4-qrr2-3qae
27
vulnerability VCID-wvyr-dwg5-cya3
28
vulnerability VCID-z2wc-w8ae-q3a9
29
vulnerability VCID-z6gy-m65u-wqgh
30
vulnerability VCID-zc1e-1a3m-87c3
31
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.3
aliases CVE-2018-15751, GHSA-x549-r7m8-gv63, PYSEC-2018-30
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fm6f-fxrk-hqe2
21
url VCID-hzv7-m2fc-4uej
vulnerability_id VCID-hzv7-m2fc-4uej
summary In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17361
reference_id
reference_type
scores
0
value 0.17854
scoring_system epss
scoring_elements 0.95252
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17361
2
reference_url https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-177.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-177.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/commits/master
reference_id
reference_type
scores
url https://github.com/saltstack/salt/commits/master
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17361
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17361
8
reference_url https://usn.ubuntu.com/4459-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4459-1
9
reference_url https://usn.ubuntu.com/4459-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4459-1/
10
reference_url https://www.debian.org/security/2020/dsa-4676
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4676
fixed_packages
0
url pkg:pypi/salt@2019.2.1
purl pkg:pypi/salt@2019.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-n3sc-mzk3-n7cg
20
vulnerability VCID-n4vy-d4dh-x7gu
21
vulnerability VCID-qupk-axwe-k7dq
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
27
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.1
1
url pkg:pypi/salt@2019.2.3
purl pkg:pypi/salt@2019.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-n3sc-mzk3-n7cg
20
vulnerability VCID-n4vy-d4dh-x7gu
21
vulnerability VCID-qupk-axwe-k7dq
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
27
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.3
aliases CVE-2019-17361, GHSA-q53j-p6r2-g2v4, PYSEC-2020-177
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzv7-m2fc-4uej
22
url VCID-jn54-7udz-8ydy
vulnerability_id VCID-jn54-7udz-8ydy
summary An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html
2
reference_url http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url http://packetstormsecurity.com/files/157560/Saltstack-3000.1-Remote-Code-Execution.html
3
reference_url http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url http://packetstormsecurity.com/files/157678/SaltStack-Salt-Master-Minion-Unauthenticated-Remote-Code-Execution.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11651
reference_id
reference_type
scores
0
value 0.94234
scoring_system epss
scoring_elements 0.9993
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11651
5
reference_url https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-102.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-102.yaml
8
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
9
reference_url https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
10
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url https://lists.debian.org/debian-lts-announce/2020/05/msg00027.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11651
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11651
12
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG
13
reference_url https://usn.ubuntu.com/4459-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4459-1
14
reference_url https://usn.ubuntu.com/4459-1/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url https://usn.ubuntu.com/4459-1/
15
reference_url https://www.debian.org/security/2020/dsa-4676
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url https://www.debian.org/security/2020/dsa-4676
16
reference_url http://www.vmware.com/security/advisories/VMSA-2020-0009.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:59:33Z/
url http://www.vmware.com/security/advisories/VMSA-2020-0009.html
17
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/48421.txt
reference_id CVE-2020-11652;CVE-2020-11651
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/48421.txt
18
reference_url https://usn.ubuntu.com/6849-1/
reference_id USN-6849-1
reference_type
scores
url https://usn.ubuntu.com/6849-1/
fixed_packages
0
url pkg:pypi/salt@2019.2.4
purl pkg:pypi/salt@2019.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-k7nb-cgu8-tye8
16
vulnerability VCID-kfjs-6e5q-j3aj
17
vulnerability VCID-n3sc-mzk3-n7cg
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qupk-axwe-k7dq
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-w6j4-qrr2-3qae
22
vulnerability VCID-wvyr-dwg5-cya3
23
vulnerability VCID-z6gy-m65u-wqgh
24
vulnerability VCID-zc1e-1a3m-87c3
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.4
1
url pkg:pypi/salt@3000.2
purl pkg:pypi/salt@3000.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-k7nb-cgu8-tye8
16
vulnerability VCID-kfjs-6e5q-j3aj
17
vulnerability VCID-n3sc-mzk3-n7cg
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qupk-axwe-k7dq
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-w6j4-qrr2-3qae
22
vulnerability VCID-wvyr-dwg5-cya3
23
vulnerability VCID-z6gy-m65u-wqgh
24
vulnerability VCID-zc1e-1a3m-87c3
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.2
aliases CVE-2020-11651, GHSA-pjhf-vpx3-33r3, PYSEC-2020-102
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jn54-7udz-8ydy
23
url VCID-k7nb-cgu8-tye8
vulnerability_id VCID-k7nb-cgu8-tye8
summary An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28243
reference_id
reference_type
scores
0
value 0.01408
scoring_system epss
scoring_elements 0.808
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28243
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-73.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-73.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L12
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L12
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L12
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L12
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L12
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L12
7
reference_url https://github.com/stealthcopter/CVE-2020-28243
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/stealthcopter/CVE-2020-28243
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
9
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://sec.stealthcopter.com/cve-2020-28243/
reference_id
reference_type
scores
url https://sec.stealthcopter.com/cve-2020-28243/
22
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
23
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
24
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28243
reference_id CVE-2020-28243
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28243
26
reference_url https://sec.stealthcopter.com/cve-2020-28243
reference_id CVE-2020-28243
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://sec.stealthcopter.com/cve-2020-28243
27
reference_url https://github.com/advisories/GHSA-phhw-3wc9-8q75
reference_id GHSA-phhw-3wc9-8q75
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-phhw-3wc9-8q75
28
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2020-28243, GHSA-phhw-3wc9-8q75, PYSEC-2021-73
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7nb-cgu8-tye8
24
url VCID-kfjs-6e5q-j3aj
vulnerability_id VCID-kfjs-6e5q-j3aj
summary In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3144
reference_id
reference_type
scores
0
value 0.05481
scoring_system epss
scoring_elements 0.9035
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3144
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-54.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-54.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2373
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/CHANGELOG.md?plain=1#L2373
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L26
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L26
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L26
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L26
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L26
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L26
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3144
reference_id CVE-2021-3144
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3144
25
reference_url https://github.com/advisories/GHSA-w2hr-3mc8-46gh
reference_id GHSA-w2hr-3mc8-46gh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2hr-3mc8-46gh
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-3144, GHSA-w2hr-3mc8-46gh, PYSEC-2021-54
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kfjs-6e5q-j3aj
25
url VCID-kpfs-vzc3-f3br
vulnerability_id VCID-kpfs-vzc3-f3br
summary In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html
1
reference_url https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix
reference_id
reference_type
scores
url https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html#security-fix
2
reference_url https://github.com/saltstack/salt/commits/master
reference_id
reference_type
scores
url https://github.com/saltstack/salt/commits/master
3
reference_url https://usn.ubuntu.com/4459-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4459-1/
4
reference_url https://www.debian.org/security/2020/dsa-4676
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4676
fixed_packages
0
url pkg:pypi/salt@2019.2.1
purl pkg:pypi/salt@2019.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-n3sc-mzk3-n7cg
20
vulnerability VCID-n4vy-d4dh-x7gu
21
vulnerability VCID-qupk-axwe-k7dq
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
27
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.1
aliases PYSEC-2020-196
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpfs-vzc3-f3br
26
url VCID-kpue-fsd4-akdq
vulnerability_id VCID-kpue-fsd4-akdq
summary The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8109
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14911
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8109
1
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1035912
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.suse.com/show_bug.cgi?id=1035912
2
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html
reference_id
reference_type
scores
url https://docs.saltstack.com/en/latest/topics/releases/2016.11.4.html
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-82.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-82.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/issues/40075
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/issues/40075
7
reference_url https://github.com/saltstack/salt/pull/40609
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/pull/40609
8
reference_url https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/pull/40609/commits/6e34c2b5e5e849302af7ccd00509929c3809c658
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-8109
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-8109
10
reference_url http://www.securityfocus.com/bid/98095
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98095
fixed_packages
0
url pkg:pypi/salt@2016.11.4
purl pkg:pypi/salt@2016.11.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-5s8t-r4qa-yfb7
6
vulnerability VCID-6y9z-4cqf-dbhh
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-a5sa-utfb-yyc6
12
vulnerability VCID-anh6-63ah-sfhj
13
vulnerability VCID-bddr-7e3e-gfch
14
vulnerability VCID-c3tf-kuxu-euaz
15
vulnerability VCID-daqt-gz5r-hbfs
16
vulnerability VCID-dqnw-edrq-hka2
17
vulnerability VCID-dttu-htyd-tkcc
18
vulnerability VCID-eq7b-wcab-rqfq
19
vulnerability VCID-fgrx-cjat-x7dc
20
vulnerability VCID-fm6f-fxrk-hqe2
21
vulnerability VCID-hzv7-m2fc-4uej
22
vulnerability VCID-jn54-7udz-8ydy
23
vulnerability VCID-k7nb-cgu8-tye8
24
vulnerability VCID-kfjs-6e5q-j3aj
25
vulnerability VCID-kpfs-vzc3-f3br
26
vulnerability VCID-n3sc-mzk3-n7cg
27
vulnerability VCID-n4vy-d4dh-x7gu
28
vulnerability VCID-qupk-axwe-k7dq
29
vulnerability VCID-qvxh-acut-7qhb
30
vulnerability VCID-r3m9-163d-myff
31
vulnerability VCID-w6j4-qrr2-3qae
32
vulnerability VCID-wvyr-dwg5-cya3
33
vulnerability VCID-z2wc-w8ae-q3a9
34
vulnerability VCID-z6gy-m65u-wqgh
35
vulnerability VCID-zc1e-1a3m-87c3
36
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.4
aliases CVE-2017-8109, GHSA-xcx4-5wq7-g5g7, PYSEC-2017-82
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpue-fsd4-akdq
27
url VCID-n3sc-mzk3-n7cg
vulnerability_id VCID-n3sc-mzk3-n7cg
summary An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
references
0
reference_url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25282
reference_id
reference_type
scores
0
value 0.91286
scoring_system epss
scoring_elements 0.9967
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25282
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-51.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-51.yaml
4
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L31
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L31
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L31
8
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
9
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
10
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
21
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
22
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
23
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
24
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25282
reference_id CVE-2021-25282
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25282
26
reference_url https://github.com/advisories/GHSA-76x4-x3p6-rpr9
reference_id GHSA-76x4-x3p6-rpr9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-76x4-x3p6-rpr9
27
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25282, GHSA-76x4-x3p6-rpr9, PYSEC-2021-51
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3sc-mzk3-n7cg
28
url VCID-n4vy-d4dh-x7gu
vulnerability_id VCID-n4vy-d4dh-x7gu
summary An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22941
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03679
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22941
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-174.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2022-174.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.8.rst#L31
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L32
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3003.4.rst#L32
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L30
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3004.1.rst#L30
7
reference_url https://github.com/saltstack/salt/releases,
reference_id
reference_type
scores
url https://github.com/saltstack/salt/releases,
8
reference_url https://repo.saltproject.io
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://repo.saltproject.io
9
reference_url https://repo.saltproject.io/
reference_id
reference_type
scores
url https://repo.saltproject.io/
10
reference_url https://saltproject.io/security_announcements/salt-security-advisory-release/,
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-release/,
11
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22941
reference_id CVE-2022-22941
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22941
13
reference_url https://github.com/advisories/GHSA-qcr3-hr2f-6557
reference_id GHSA-qcr3-hr2f-6557
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qcr3-hr2f-6557
fixed_packages
0
url pkg:pypi/salt@3002.8
purl pkg:pypi/salt@3002.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-anh6-63ah-sfhj
4
vulnerability VCID-dttu-htyd-tkcc
5
vulnerability VCID-r3m9-163d-myff
6
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.8
1
url pkg:pypi/salt@3003.4
purl pkg:pypi/salt@3003.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.4
2
url pkg:pypi/salt@3004.1
purl pkg:pypi/salt@3004.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3004.1
aliases CVE-2022-22941, GHSA-qcr3-hr2f-6557, PYSEC-2022-174
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n4vy-d4dh-x7gu
29
url VCID-qupk-axwe-k7dq
vulnerability_id VCID-qupk-axwe-k7dq
summary An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16846
reference_id
reference_type
scores
0
value 0.94387
scoring_system epss
scoring_elements 0.99972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16846
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12
10
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://github.com/saltstack/salt/releases
11
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
12
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
16
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://security.gentoo.org/glsa/202011-13
17
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16846
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-16846
18
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.debian.org/security/2021/dsa-4837
19
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
20
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
21
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1379
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1379
22
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1379/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1379/
23
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1380
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1380
24
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1380/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1380/
25
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1381
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1381
26
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1381/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1381/
27
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1382
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1382
28
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1382/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1382/
29
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1383
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.zerodayinitiative.com/advisories/ZDI-20-1383
30
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-1383/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-1383/
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-16846
reference_id CVE-2020-16846
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-16846
32
reference_url https://github.com/advisories/GHSA-qr38-h96j-2j3w
reference_id GHSA-qr38-h96j-2j3w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qr38-h96j-2j3w
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:49:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
34
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
35
reference_url https://usn.ubuntu.com/7181-1/
reference_id USN-7181-1
reference_type
scores
url https://usn.ubuntu.com/7181-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.6
purl pkg:pypi/salt@2016.11.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qvxh-acut-7qhb
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-z2wc-w8ae-q3a9
22
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.6
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.4
purl pkg:pypi/salt@2017.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-fm6f-fxrk-hqe2
17
vulnerability VCID-hzv7-m2fc-4uej
18
vulnerability VCID-jn54-7udz-8ydy
19
vulnerability VCID-k7nb-cgu8-tye8
20
vulnerability VCID-kfjs-6e5q-j3aj
21
vulnerability VCID-kpfs-vzc3-f3br
22
vulnerability VCID-n3sc-mzk3-n7cg
23
vulnerability VCID-n4vy-d4dh-x7gu
24
vulnerability VCID-qvxh-acut-7qhb
25
vulnerability VCID-r3m9-163d-myff
26
vulnerability VCID-w6j4-qrr2-3qae
27
vulnerability VCID-wvyr-dwg5-cya3
28
vulnerability VCID-z2wc-w8ae-q3a9
29
vulnerability VCID-z6gy-m65u-wqgh
30
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.4
4
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
5
url pkg:pypi/salt@2018.3.5
purl pkg:pypi/salt@2018.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-daqt-gz5r-hbfs
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-kpfs-vzc3-f3br
20
vulnerability VCID-n3sc-mzk3-n7cg
21
vulnerability VCID-n4vy-d4dh-x7gu
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.5
6
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
7
url pkg:pypi/salt@2019.2.6
purl pkg:pypi/salt@2019.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.6
8
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
9
url pkg:pypi/salt@3000.4
purl pkg:pypi/salt@3000.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.4
10
url pkg:pypi/salt@3001.2
purl pkg:pypi/salt@3001.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.2
11
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-16846, GHSA-qr38-h96j-2j3w, PYSEC-2020-104
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qupk-axwe-k7dq
30
url VCID-qvxh-acut-7qhb
vulnerability_id VCID-qvxh-acut-7qhb
summary SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1010259
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58619
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1010259
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2019-119.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2019-119.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534
5
reference_url https://github.com/saltstack/salt/pull/51462
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/pull/51462
6
reference_url https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-1010259
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-1010259
fixed_packages
0
url pkg:pypi/salt@2018.3.4
purl pkg:pypi/salt@2018.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-k7nb-cgu8-tye8
19
vulnerability VCID-kfjs-6e5q-j3aj
20
vulnerability VCID-kpfs-vzc3-f3br
21
vulnerability VCID-n3sc-mzk3-n7cg
22
vulnerability VCID-n4vy-d4dh-x7gu
23
vulnerability VCID-qupk-axwe-k7dq
24
vulnerability VCID-r3m9-163d-myff
25
vulnerability VCID-w6j4-qrr2-3qae
26
vulnerability VCID-wvyr-dwg5-cya3
27
vulnerability VCID-z6gy-m65u-wqgh
28
vulnerability VCID-zc1e-1a3m-87c3
29
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.4
aliases CVE-2019-1010259, GHSA-h8xp-h3jf-wv4v, PYSEC-2019-119
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvxh-acut-7qhb
31
url VCID-r3m9-163d-myff
vulnerability_id VCID-r3m9-163d-myff
summary Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-20898
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25586
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-20898
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-169.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-169.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
5
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security-announcements/2023-08-10-advisory
6
reference_url https://saltproject.io/security-announcements/2023-08-10-advisory/
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:44:22Z/
url https://saltproject.io/security-announcements/2023-08-10-advisory/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-20898
reference_id CVE-2023-20898
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-20898
8
reference_url https://github.com/advisories/GHSA-qvh6-3j7x-3hq7
reference_id GHSA-qvh6-3j7x-3hq7
reference_type
scores
url https://github.com/advisories/GHSA-qvh6-3j7x-3hq7
9
reference_url https://security.gentoo.org/glsa/202412-09
reference_id GLSA-202412-09
reference_type
scores
url https://security.gentoo.org/glsa/202412-09
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
reference_id OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:44:22Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
fixed_packages
0
url pkg:pypi/salt@3005.2
purl pkg:pypi/salt@3005.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3005.2
1
url pkg:pypi/salt@3006.2
purl pkg:pypi/salt@3006.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3006.2
aliases CVE-2023-20898, GHSA-qvh6-3j7x-3hq7, PYSEC-2023-169
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3m9-163d-myff
32
url VCID-w6j4-qrr2-3qae
vulnerability_id VCID-w6j4-qrr2-3qae
summary In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35662
reference_id
reference_type
scores
0
value 0.0075
scoring_system epss
scoring_elements 0.73448
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35662
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-75.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-75.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L18
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L18
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L18
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L18
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L18
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L18
7
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
17
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
18
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
19
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://security.gentoo.org/glsa/202103-01
20
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://security.gentoo.org/glsa/202310-22
21
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://www.debian.org/security/2021/dsa-5011
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id 7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-35662
reference_id CVE-2020-35662
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-35662
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
25
reference_url https://github.com/advisories/GHSA-qx72-q6w3-qgc7
reference_id GHSA-qx72-q6w3-qgc7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qx72-q6w3-qgc7
26
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2020-35662, GHSA-qx72-q6w3-qgc7, PYSEC-2021-75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6j4-qrr2-3qae
33
url VCID-wvyr-dwg5-cya3
vulnerability_id VCID-wvyr-dwg5-cya3
summary An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-25284
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05976
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-25284
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-53.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-53.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L37
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L37
5
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L37
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L37
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L37
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L37
7
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/releases
8
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html
9
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
19
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
20
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
21
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202103-01
22
reference_url https://security.gentoo.org/glsa/202310-22
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-22
23
reference_url https://www.debian.org/security/2021/dsa-5011
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5011
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-25284
reference_id CVE-2021-25284
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-25284
25
reference_url https://github.com/advisories/GHSA-r55w-xph5-xvx2
reference_id GHSA-r55w-xph5-xvx2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r55w-xph5-xvx2
26
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3000.7
purl pkg:pypi/salt@3000.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.7
9
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
10
url pkg:pypi/salt@3001.5
purl pkg:pypi/salt@3001.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.5
11
url pkg:pypi/salt@3002.3
purl pkg:pypi/salt@3002.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-dqnw-edrq-hka2
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-eq7b-wcab-rqfq
12
vulnerability VCID-fgrx-cjat-x7dc
13
vulnerability VCID-k7nb-cgu8-tye8
14
vulnerability VCID-kfjs-6e5q-j3aj
15
vulnerability VCID-n3sc-mzk3-n7cg
16
vulnerability VCID-n4vy-d4dh-x7gu
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-w6j4-qrr2-3qae
19
vulnerability VCID-wvyr-dwg5-cya3
20
vulnerability VCID-z6gy-m65u-wqgh
21
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.3
12
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases CVE-2021-25284, GHSA-r55w-xph5-xvx2, PYSEC-2021-53
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyr-dwg5-cya3
34
url VCID-z2wc-w8ae-q3a9
vulnerability_id VCID-z2wc-w8ae-q3a9
summary SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4.
references
0
reference_url https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534
reference_id
reference_type
scores
url https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534
1
reference_url https://github.com/saltstack/salt/pull/51462
reference_id
reference_type
scores
url https://github.com/saltstack/salt/pull/51462
2
reference_url https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a
reference_id
reference_type
scores
url https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a
fixed_packages
0
url pkg:pypi/salt@2018.3.4
purl pkg:pypi/salt@2018.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9agn-habm-fkh7
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-k7nb-cgu8-tye8
19
vulnerability VCID-kfjs-6e5q-j3aj
20
vulnerability VCID-kpfs-vzc3-f3br
21
vulnerability VCID-n3sc-mzk3-n7cg
22
vulnerability VCID-n4vy-d4dh-x7gu
23
vulnerability VCID-qupk-axwe-k7dq
24
vulnerability VCID-r3m9-163d-myff
25
vulnerability VCID-w6j4-qrr2-3qae
26
vulnerability VCID-wvyr-dwg5-cya3
27
vulnerability VCID-z6gy-m65u-wqgh
28
vulnerability VCID-zc1e-1a3m-87c3
29
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.4
aliases PYSEC-2019-49
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z2wc-w8ae-q3a9
35
url VCID-z6gy-m65u-wqgh
vulnerability_id VCID-z6gy-m65u-wqgh
summary An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22004
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.33826
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22004
1
reference_url https://github.com/advisories/GHSA-xf37-qcvf-7m57
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xf37-qcvf-7m57
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-346.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-346.yaml
3
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/
10
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02
11
reference_url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-22004
reference_id CVE-2021-22004
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-22004
fixed_packages
0
url pkg:pypi/salt@3003.3
purl pkg:pypi/salt@3003.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6y9z-4cqf-dbhh
1
vulnerability VCID-r3m9-163d-myff
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3003.3
aliases CVE-2021-22004, GHSA-xf37-qcvf-7m57, PYSEC-2021-346
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6gy-m65u-wqgh
36
url VCID-zc1e-1a3m-87c3
vulnerability_id VCID-zc1e-1a3m-87c3
summary An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
references
0
reference_url https://github.com/saltstack/salt/releases
reference_id
reference_type
scores
url https://github.com/saltstack/salt/releases
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/
4
reference_url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
reference_id
reference_type
scores
url https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
5
reference_url https://security.gentoo.org/glsa/202103-01
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202103-01
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.5
purl pkg:pypi/salt@2016.11.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9agn-habm-fkh7
9
vulnerability VCID-9cpe-uywb-zfbc
10
vulnerability VCID-a5sa-utfb-yyc6
11
vulnerability VCID-anh6-63ah-sfhj
12
vulnerability VCID-c3tf-kuxu-euaz
13
vulnerability VCID-daqt-gz5r-hbfs
14
vulnerability VCID-dttu-htyd-tkcc
15
vulnerability VCID-fm6f-fxrk-hqe2
16
vulnerability VCID-hzv7-m2fc-4uej
17
vulnerability VCID-jn54-7udz-8ydy
18
vulnerability VCID-kpfs-vzc3-f3br
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qupk-axwe-k7dq
21
vulnerability VCID-qvxh-acut-7qhb
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-z2wc-w8ae-q3a9
24
vulnerability VCID-z6gy-m65u-wqgh
25
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.5
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
4
url pkg:pypi/salt@2019.2.0rc1
purl pkg:pypi/salt@2019.2.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-r3m9-163d-myff
15
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.0rc1
5
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
6
url pkg:pypi/salt@2019.2.8
purl pkg:pypi/salt@2019.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.8
7
url pkg:pypi/salt@3000.6
purl pkg:pypi/salt@3000.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.6
8
url pkg:pypi/salt@3001.4
purl pkg:pypi/salt@3001.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.4
9
url pkg:pypi/salt@3002.5
purl pkg:pypi/salt@3002.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-dttu-htyd-tkcc
8
vulnerability VCID-n4vy-d4dh-x7gu
9
vulnerability VCID-r3m9-163d-myff
10
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.5
aliases PYSEC-2021-362
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zc1e-1a3m-87c3
37
url VCID-zhu7-et2m-nycg
vulnerability_id VCID-zhu7-et2m-nycg
summary The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17490
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14519
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17490
2
reference_url https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/index.html#latest-branch-release
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-105.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-105.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10
7
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10
8
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10
9
reference_url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L13
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L13
10
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/
13
reference_url https://security.gentoo.org/glsa/202011-13
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202011-13
14
reference_url https://www.debian.org/security/2021/dsa-4837
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4837
15
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves
16
reference_url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
reference_id
reference_type
scores
url https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-17490
reference_id CVE-2020-17490
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-17490
18
reference_url https://github.com/advisories/GHSA-3c56-vx6v-q5vh
reference_id GHSA-3c56-vx6v-q5vh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3c56-vx6v-q5vh
19
reference_url https://usn.ubuntu.com/6948-1/
reference_id USN-6948-1
reference_type
scores
url https://usn.ubuntu.com/6948-1/
fixed_packages
0
url pkg:pypi/salt@2016.11.3
purl pkg:pypi/salt@2016.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-kpue-fsd4-akdq
19
vulnerability VCID-n4vy-d4dh-x7gu
20
vulnerability VCID-qvxh-acut-7qhb
21
vulnerability VCID-r3m9-163d-myff
22
vulnerability VCID-z2wc-w8ae-q3a9
23
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.3
1
url pkg:pypi/salt@2016.11.6
purl pkg:pypi/salt@2016.11.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-5s8t-r4qa-yfb7
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qvxh-acut-7qhb
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-z2wc-w8ae-q3a9
22
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.6
2
url pkg:pypi/salt@2016.11.10
purl pkg:pypi/salt@2016.11.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-c3tf-kuxu-euaz
9
vulnerability VCID-daqt-gz5r-hbfs
10
vulnerability VCID-dttu-htyd-tkcc
11
vulnerability VCID-fm6f-fxrk-hqe2
12
vulnerability VCID-hzv7-m2fc-4uej
13
vulnerability VCID-jn54-7udz-8ydy
14
vulnerability VCID-kpfs-vzc3-f3br
15
vulnerability VCID-n4vy-d4dh-x7gu
16
vulnerability VCID-qvxh-acut-7qhb
17
vulnerability VCID-r3m9-163d-myff
18
vulnerability VCID-z2wc-w8ae-q3a9
19
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.10
3
url pkg:pypi/salt@2017.7.4
purl pkg:pypi/salt@2017.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2db5-ek61-2bdx
1
vulnerability VCID-3qku-wmk8-5bg1
2
vulnerability VCID-49dv-x94w-suda
3
vulnerability VCID-5s8t-r4qa-yfb7
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7qmj-yzm7-yfhs
6
vulnerability VCID-84t6-tnd4-r3gq
7
vulnerability VCID-9cpe-uywb-zfbc
8
vulnerability VCID-anh6-63ah-sfhj
9
vulnerability VCID-bddr-7e3e-gfch
10
vulnerability VCID-c3tf-kuxu-euaz
11
vulnerability VCID-daqt-gz5r-hbfs
12
vulnerability VCID-dqnw-edrq-hka2
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-eq7b-wcab-rqfq
15
vulnerability VCID-fgrx-cjat-x7dc
16
vulnerability VCID-fm6f-fxrk-hqe2
17
vulnerability VCID-hzv7-m2fc-4uej
18
vulnerability VCID-jn54-7udz-8ydy
19
vulnerability VCID-k7nb-cgu8-tye8
20
vulnerability VCID-kfjs-6e5q-j3aj
21
vulnerability VCID-kpfs-vzc3-f3br
22
vulnerability VCID-n3sc-mzk3-n7cg
23
vulnerability VCID-n4vy-d4dh-x7gu
24
vulnerability VCID-qvxh-acut-7qhb
25
vulnerability VCID-r3m9-163d-myff
26
vulnerability VCID-w6j4-qrr2-3qae
27
vulnerability VCID-wvyr-dwg5-cya3
28
vulnerability VCID-z2wc-w8ae-q3a9
29
vulnerability VCID-z6gy-m65u-wqgh
30
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.4
4
url pkg:pypi/salt@2017.7.8
purl pkg:pypi/salt@2017.7.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-daqt-gz5r-hbfs
9
vulnerability VCID-dttu-htyd-tkcc
10
vulnerability VCID-hzv7-m2fc-4uej
11
vulnerability VCID-jn54-7udz-8ydy
12
vulnerability VCID-kpfs-vzc3-f3br
13
vulnerability VCID-n4vy-d4dh-x7gu
14
vulnerability VCID-qvxh-acut-7qhb
15
vulnerability VCID-r3m9-163d-myff
16
vulnerability VCID-z2wc-w8ae-q3a9
17
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2017.7.8
5
url pkg:pypi/salt@2018.3.5
purl pkg:pypi/salt@2018.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-daqt-gz5r-hbfs
11
vulnerability VCID-dqnw-edrq-hka2
12
vulnerability VCID-dttu-htyd-tkcc
13
vulnerability VCID-eq7b-wcab-rqfq
14
vulnerability VCID-fgrx-cjat-x7dc
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-k7nb-cgu8-tye8
18
vulnerability VCID-kfjs-6e5q-j3aj
19
vulnerability VCID-kpfs-vzc3-f3br
20
vulnerability VCID-n3sc-mzk3-n7cg
21
vulnerability VCID-n4vy-d4dh-x7gu
22
vulnerability VCID-r3m9-163d-myff
23
vulnerability VCID-w6j4-qrr2-3qae
24
vulnerability VCID-wvyr-dwg5-cya3
25
vulnerability VCID-z6gy-m65u-wqgh
26
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2018.3.5
6
url pkg:pypi/salt@2019.2.5
purl pkg:pypi/salt@2019.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-5s8t-r4qa-yfb7
2
vulnerability VCID-6y9z-4cqf-dbhh
3
vulnerability VCID-7qmj-yzm7-yfhs
4
vulnerability VCID-84t6-tnd4-r3gq
5
vulnerability VCID-9cpe-uywb-zfbc
6
vulnerability VCID-anh6-63ah-sfhj
7
vulnerability VCID-c3tf-kuxu-euaz
8
vulnerability VCID-dttu-htyd-tkcc
9
vulnerability VCID-n4vy-d4dh-x7gu
10
vulnerability VCID-r3m9-163d-myff
11
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.5
7
url pkg:pypi/salt@2019.2.6
purl pkg:pypi/salt@2019.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2019.2.6
8
url pkg:pypi/salt@3000.3
purl pkg:pypi/salt@3000.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.3
9
url pkg:pypi/salt@3000.4
purl pkg:pypi/salt@3000.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3000.4
10
url pkg:pypi/salt@3001.2
purl pkg:pypi/salt@3001.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3001.2
11
url pkg:pypi/salt@3002.1
purl pkg:pypi/salt@3002.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qku-wmk8-5bg1
1
vulnerability VCID-49dv-x94w-suda
2
vulnerability VCID-5s8t-r4qa-yfb7
3
vulnerability VCID-6y9z-4cqf-dbhh
4
vulnerability VCID-7qmj-yzm7-yfhs
5
vulnerability VCID-84t6-tnd4-r3gq
6
vulnerability VCID-9cpe-uywb-zfbc
7
vulnerability VCID-anh6-63ah-sfhj
8
vulnerability VCID-bddr-7e3e-gfch
9
vulnerability VCID-c3tf-kuxu-euaz
10
vulnerability VCID-dqnw-edrq-hka2
11
vulnerability VCID-dttu-htyd-tkcc
12
vulnerability VCID-eq7b-wcab-rqfq
13
vulnerability VCID-fgrx-cjat-x7dc
14
vulnerability VCID-k7nb-cgu8-tye8
15
vulnerability VCID-kfjs-6e5q-j3aj
16
vulnerability VCID-n3sc-mzk3-n7cg
17
vulnerability VCID-n4vy-d4dh-x7gu
18
vulnerability VCID-r3m9-163d-myff
19
vulnerability VCID-w6j4-qrr2-3qae
20
vulnerability VCID-wvyr-dwg5-cya3
21
vulnerability VCID-z6gy-m65u-wqgh
22
vulnerability VCID-zc1e-1a3m-87c3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@3002.1
aliases CVE-2020-17490, GHSA-3c56-vx6v-q5vh, PYSEC-2020-105
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhu7-et2m-nycg
Fixing_vulnerabilities
0
url VCID-a8mx-rnzd-jydu
vulnerability_id VCID-a8mx-rnzd-jydu
summary When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5192
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.3518
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5192
1
reference_url https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html
2
reference_url https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-38.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-38.yaml
5
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5192
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-5192
fixed_packages
0
url pkg:pypi/salt@2015.8.13
purl pkg:pypi/salt@2015.8.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7k8b-xcq4-tyed
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qvxh-acut-7qhb
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-z2wc-w8ae-q3a9
22
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.13
1
url pkg:pypi/salt@2016.3.5
purl pkg:pypi/salt@2016.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7k8b-xcq4-tyed
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-a5sa-utfb-yyc6
12
vulnerability VCID-anh6-63ah-sfhj
13
vulnerability VCID-bddr-7e3e-gfch
14
vulnerability VCID-c3tf-kuxu-euaz
15
vulnerability VCID-daqt-gz5r-hbfs
16
vulnerability VCID-dqnw-edrq-hka2
17
vulnerability VCID-dttu-htyd-tkcc
18
vulnerability VCID-eq7b-wcab-rqfq
19
vulnerability VCID-fgrx-cjat-x7dc
20
vulnerability VCID-fm6f-fxrk-hqe2
21
vulnerability VCID-hzv7-m2fc-4uej
22
vulnerability VCID-jn54-7udz-8ydy
23
vulnerability VCID-k7nb-cgu8-tye8
24
vulnerability VCID-kfjs-6e5q-j3aj
25
vulnerability VCID-kpfs-vzc3-f3br
26
vulnerability VCID-n3sc-mzk3-n7cg
27
vulnerability VCID-n4vy-d4dh-x7gu
28
vulnerability VCID-qupk-axwe-k7dq
29
vulnerability VCID-qvxh-acut-7qhb
30
vulnerability VCID-r3m9-163d-myff
31
vulnerability VCID-w6j4-qrr2-3qae
32
vulnerability VCID-wvyr-dwg5-cya3
33
vulnerability VCID-z2wc-w8ae-q3a9
34
vulnerability VCID-z6gy-m65u-wqgh
35
vulnerability VCID-zc1e-1a3m-87c3
36
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.3.5
2
url pkg:pypi/salt@2016.11.2
purl pkg:pypi/salt@2016.11.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-5s8t-r4qa-yfb7
6
vulnerability VCID-6y9z-4cqf-dbhh
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-a5sa-utfb-yyc6
12
vulnerability VCID-anh6-63ah-sfhj
13
vulnerability VCID-bddr-7e3e-gfch
14
vulnerability VCID-c3tf-kuxu-euaz
15
vulnerability VCID-daqt-gz5r-hbfs
16
vulnerability VCID-dqnw-edrq-hka2
17
vulnerability VCID-dttu-htyd-tkcc
18
vulnerability VCID-eq7b-wcab-rqfq
19
vulnerability VCID-fgrx-cjat-x7dc
20
vulnerability VCID-fm6f-fxrk-hqe2
21
vulnerability VCID-hzv7-m2fc-4uej
22
vulnerability VCID-jn54-7udz-8ydy
23
vulnerability VCID-k7nb-cgu8-tye8
24
vulnerability VCID-kfjs-6e5q-j3aj
25
vulnerability VCID-kpfs-vzc3-f3br
26
vulnerability VCID-kpue-fsd4-akdq
27
vulnerability VCID-n3sc-mzk3-n7cg
28
vulnerability VCID-n4vy-d4dh-x7gu
29
vulnerability VCID-qupk-axwe-k7dq
30
vulnerability VCID-qvxh-acut-7qhb
31
vulnerability VCID-r3m9-163d-myff
32
vulnerability VCID-w6j4-qrr2-3qae
33
vulnerability VCID-wvyr-dwg5-cya3
34
vulnerability VCID-z2wc-w8ae-q3a9
35
vulnerability VCID-z6gy-m65u-wqgh
36
vulnerability VCID-zc1e-1a3m-87c3
37
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.2
aliases CVE-2017-5192, GHSA-f2h7-4f84-8qrm, PYSEC-2017-38
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8mx-rnzd-jydu
1
url VCID-gfyd-1pm9-gfa9
vulnerability_id VCID-gfyd-1pm9-gfa9
summary Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's ssh_client.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5200
reference_id
reference_type
scores
0
value 0.00932
scoring_system epss
scoring_elements 0.76462
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5200
1
reference_url https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2016.3/topics/releases/2015.8.13.html
2
reference_url https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/2016.3/topics/releases/2016.3.5.html
3
reference_url https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.saltstack.com/en/latest/topics/releases/2016.11.2.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-39.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-39.yaml
6
reference_url https://github.com/saltstack/salt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/saltstack/salt
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5200
reference_id CVE-2017-5200
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-5200
8
reference_url https://github.com/advisories/GHSA-8r7r-x48r-pf8f
reference_id GHSA-8r7r-x48r-pf8f
reference_type
scores
url https://github.com/advisories/GHSA-8r7r-x48r-pf8f
fixed_packages
0
url pkg:pypi/salt@2015.8.13
purl pkg:pypi/salt@2015.8.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-6y9z-4cqf-dbhh
5
vulnerability VCID-7k8b-xcq4-tyed
6
vulnerability VCID-7qmj-yzm7-yfhs
7
vulnerability VCID-84t6-tnd4-r3gq
8
vulnerability VCID-9cpe-uywb-zfbc
9
vulnerability VCID-a5sa-utfb-yyc6
10
vulnerability VCID-anh6-63ah-sfhj
11
vulnerability VCID-c3tf-kuxu-euaz
12
vulnerability VCID-daqt-gz5r-hbfs
13
vulnerability VCID-dttu-htyd-tkcc
14
vulnerability VCID-fm6f-fxrk-hqe2
15
vulnerability VCID-hzv7-m2fc-4uej
16
vulnerability VCID-jn54-7udz-8ydy
17
vulnerability VCID-kpfs-vzc3-f3br
18
vulnerability VCID-n4vy-d4dh-x7gu
19
vulnerability VCID-qvxh-acut-7qhb
20
vulnerability VCID-r3m9-163d-myff
21
vulnerability VCID-z2wc-w8ae-q3a9
22
vulnerability VCID-z6gy-m65u-wqgh
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2015.8.13
1
url pkg:pypi/salt@2016.3.5
purl pkg:pypi/salt@2016.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-6y9z-4cqf-dbhh
6
vulnerability VCID-7k8b-xcq4-tyed
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-a5sa-utfb-yyc6
12
vulnerability VCID-anh6-63ah-sfhj
13
vulnerability VCID-bddr-7e3e-gfch
14
vulnerability VCID-c3tf-kuxu-euaz
15
vulnerability VCID-daqt-gz5r-hbfs
16
vulnerability VCID-dqnw-edrq-hka2
17
vulnerability VCID-dttu-htyd-tkcc
18
vulnerability VCID-eq7b-wcab-rqfq
19
vulnerability VCID-fgrx-cjat-x7dc
20
vulnerability VCID-fm6f-fxrk-hqe2
21
vulnerability VCID-hzv7-m2fc-4uej
22
vulnerability VCID-jn54-7udz-8ydy
23
vulnerability VCID-k7nb-cgu8-tye8
24
vulnerability VCID-kfjs-6e5q-j3aj
25
vulnerability VCID-kpfs-vzc3-f3br
26
vulnerability VCID-n3sc-mzk3-n7cg
27
vulnerability VCID-n4vy-d4dh-x7gu
28
vulnerability VCID-qupk-axwe-k7dq
29
vulnerability VCID-qvxh-acut-7qhb
30
vulnerability VCID-r3m9-163d-myff
31
vulnerability VCID-w6j4-qrr2-3qae
32
vulnerability VCID-wvyr-dwg5-cya3
33
vulnerability VCID-z2wc-w8ae-q3a9
34
vulnerability VCID-z6gy-m65u-wqgh
35
vulnerability VCID-zc1e-1a3m-87c3
36
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.3.5
2
url pkg:pypi/salt@2016.11.2
purl pkg:pypi/salt@2016.11.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15a9-6v52-mbhm
1
vulnerability VCID-2db5-ek61-2bdx
2
vulnerability VCID-35um-xhk7-5yeg
3
vulnerability VCID-3qku-wmk8-5bg1
4
vulnerability VCID-49dv-x94w-suda
5
vulnerability VCID-5s8t-r4qa-yfb7
6
vulnerability VCID-6y9z-4cqf-dbhh
7
vulnerability VCID-7qmj-yzm7-yfhs
8
vulnerability VCID-84t6-tnd4-r3gq
9
vulnerability VCID-9agn-habm-fkh7
10
vulnerability VCID-9cpe-uywb-zfbc
11
vulnerability VCID-a5sa-utfb-yyc6
12
vulnerability VCID-anh6-63ah-sfhj
13
vulnerability VCID-bddr-7e3e-gfch
14
vulnerability VCID-c3tf-kuxu-euaz
15
vulnerability VCID-daqt-gz5r-hbfs
16
vulnerability VCID-dqnw-edrq-hka2
17
vulnerability VCID-dttu-htyd-tkcc
18
vulnerability VCID-eq7b-wcab-rqfq
19
vulnerability VCID-fgrx-cjat-x7dc
20
vulnerability VCID-fm6f-fxrk-hqe2
21
vulnerability VCID-hzv7-m2fc-4uej
22
vulnerability VCID-jn54-7udz-8ydy
23
vulnerability VCID-k7nb-cgu8-tye8
24
vulnerability VCID-kfjs-6e5q-j3aj
25
vulnerability VCID-kpfs-vzc3-f3br
26
vulnerability VCID-kpue-fsd4-akdq
27
vulnerability VCID-n3sc-mzk3-n7cg
28
vulnerability VCID-n4vy-d4dh-x7gu
29
vulnerability VCID-qupk-axwe-k7dq
30
vulnerability VCID-qvxh-acut-7qhb
31
vulnerability VCID-r3m9-163d-myff
32
vulnerability VCID-w6j4-qrr2-3qae
33
vulnerability VCID-wvyr-dwg5-cya3
34
vulnerability VCID-z2wc-w8ae-q3a9
35
vulnerability VCID-z6gy-m65u-wqgh
36
vulnerability VCID-zc1e-1a3m-87c3
37
vulnerability VCID-zhu7-et2m-nycg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.2
aliases CVE-2017-5200, GHSA-8r7r-x48r-pf8f, PYSEC-2017-39
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfyd-1pm9-gfa9
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/salt@2016.11.2