OSV - Open Source Vulnerabilities

GHSA-77w2-v593-vxvv

PyPI/salt

Salt junos Module Vulnerable to Code Injection via Specially Crafted YAML Payload

30 Jan

Fix available
Severity - 7.3 (High)

GHSA-vcf3-26xf-fw4m

PyPI/salt

Salt Authentication Protocol Version Downgrade Allows Minion Impersonation

30 Jan

Fix available
Severity - 7.5 (High)

GHSA-8pcp-r83j-fc92

PyPI/salt

Salt vulnerable to directory traversal attack in file receiving method

13 Jun 2025

Fix available
Severity - 9.6 (Critical)

GHSA-989c-m532-p2hv

PyPI/salt

Salt's worker process vulnerable to denial of service through file read operation

13 Jun 2025

Fix available
Severity - 5.6 (Medium)

GHSA-4j59-vv55-q6h3

PyPI/salt

Salt's salt.auth.pki module does not properly authenticate callers

13 Jun 2025

Fix available
Severity - 6.4 (Medium)

GHSA-7f3f-x5f5-79gw

PyPI/salt

Salt's file contents overwrite the VirtKey class

13 Jun 2025

Fix available
Severity - 5.6 (Medium)

GHSA-c46w-gr7f-jm2p

PyPI/salt

Salt vulnerable to arbitrary event injection

13 Jun 2025

Fix available
Severity - 8.1 (High)

GHSA-fcr4-h6c4-rvvp

PyPI/salt

Salt's on demand pillar functionality vulnerable to arbitrary command injections

13 Jun 2025

Fix available
Severity - 6.7 (Medium)

GHSA-jh7c-xh74-h76f

PyPI/salt

Salt has minion event bus authorization bypass vulnerability

13 Jun 2025

Fix available
Severity - 8.1 (High)

GHSA-r546-h3ff-q585

PyPI/salt

Salt vulnerable to directory traversal attack in minion file cache creation

13 Jun 2025

Fix available
Severity - 4.2 (Medium)

GHSA-xh32-3m67-qjgf

PyPI/salt

Salt allows arbitrary directory creation or file deletion

13 Jun 2025

Fix available
Severity - 6.3 (Medium)

GHSA-4277-m35q-7c9w

PyPI/salt

Salt preflight script could be attacker controlled

14 Nov 2024

Fix available
Severity - 6.7 (Medium)

GHSA-2qw3-2wv6-p64x

PyPI/salt

Path traversal in saltstack

27 Jun 2024

Fix available
Severity - 7.7 (High)

GHSA-q27c-j6j9-53w3

PyPI/salt

Directory creation by malicious user in saltstack

27 Jun 2024

Fix available
Severity - 5.0 (Medium)

GHSA-qvh6-3j7x-3hq7

PyPI/salt

Salt can cause Git Providers to get wrong data

05 Sep 2023

Fix available
Severity - 4.2 (Medium)

GHSA-vpjg-wmf8-29h9

PyPI/salt

Salt vulnerable to denial of service

05 Sep 2023

Fix available
Severity - 5.3 (Medium)