PYSEC-2017-71
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/salt/PYSEC-2017-71.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2017-71
- Aliases
-
- CVE-2015-6941
- GHSA-cxm4-7qcw-267r
- Published
- 2017-08-09T16:29:00Z
- Modified
- 2026-06-10T17:14:19.044634601Z
- Summary
- [none]
- Details
-
win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs.
- References
-
- https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710
- https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html
- https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1273066
- https://github.com/advisories/GHSA-cxm4-7qcw-267r
Affected packages
PyPI / salt
Package
- Name
- salt
- View open source insights on deps.dev
- Purl
- pkg:pypi/salt
Affected ranges
- Type
- GIT
- Repo
- https://github.com/twangboy/salt
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced2015.5Fixed2015.5.6Introduced2015.8Fixed2015.8.1
Affected versions
v0.*
v0.6.0
v0.7.0
v0.8.0
v0.8.7
v0.8.9
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.9
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.11.0
v0.12.0
v0.13.0
v0.14.0
v0.15.0
v0.16
v0.17
v2014.*
v2014.1
v2014.7.0rc1
v2014.7.0rc2
v2014.7.0rc3
v2014.7.0rc4
v2014.7.0rc5
v2014.7.0rc6
v2014.7.0rc7
v2014.7.0
v2014.7
v2014.7.1
v2014.7.2
v2014.7.3
v2014.7.4
v2014.7.5
v2014.7.6
2015.*
2015.5.0
2015.5.1
2015.5.2
2015.5.3
2015.5.4
2015.5.5
2015.8.0