GHSA-xh32-3m67-qjgf

Source
https://github.com/advisories/GHSA-xh32-3m67-qjgf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-xh32-3m67-qjgf/GHSA-xh32-3m67-qjgf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-xh32-3m67-qjgf
Aliases
  • CVE-2025-22240
Published
2025-06-13T09:30:33Z
Modified
2025-06-13T22:27:16.181167Z
Severity
  • 6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Summary
Salt allows arbitrary directory creation or file deletion
Details

Arbitrary directory creation or file deletion. In the findfile method of the GitFS class, a path is created using os.path.join with unvalidated input from the "tgtenv" variable. This can be exploited by an attacker to delete any file that the Master's process has permissions to.

Database specific
{
    "nvd_published_at": "2025-06-13T07:15:21Z",
    "severity": "MODERATE",
    "github_reviewed_at": "2025-06-13T21:54:24Z",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-22"
    ]
}
References

Affected packages

PyPI / salt

Affected ranges
  Type: ECOSYSTEM
  Events: Introduced 3007.0rc1; Fixed 3007.4

Affected versions (3007.*)
  3007.0rc1, 3007.0, 3007.1, 3007.2, 3007.3

PyPI / salt

Affected ranges
  Type: ECOSYSTEM
  Events: Introduced 3006.0rc1; Fixed 3006.12

Affected versions (3006.*)
  3006.0rc1, 3006.0rc2, 3006.0rc3, 3006.0, 3006.1, 3006.2, 3006.3, 3006.4, 3006.5, 3006.6, 3006.7, 3006.8, 3006.9, 3006.10, 3006.11