| CVE-2015-6918 |
medium |
6.3 |
6.3 |
|
|
|
9y ago |
salt before 2015.5.5 leaks git usernames and passwords to the log. |
| CVE-2013-4435 |
medium |
— |
6.0 |
|
|
|
13y ago |
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another rou… |
| CVE-2016-3176 |
medium |
5.6 |
5.6 |
|
|
|
10y ago |
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with … |
| CVE-2015-1839 |
medium |
5.3 |
5.3 |
|
|
|
4y ago |
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. |
| CVE-2015-1838 |
medium |
5.3 |
5.3 |
|
|
|
9y ago |
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. |
| CVE-2013-4439 |
medium |
— |
4.9 |
|
|
|
13y ago |
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key. |
| CVE-2015-8034 |
low |
3.3 |
3.3 |
|
|
|
4y ago |
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file. |
