PYSEC-2026-1898

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/salt/PYSEC-2026-1898.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1898
Aliases
Published
2026-07-07T16:02:55.014568Z
Modified
2026-07-07T17:48:09.321773936Z
Severity
  • 6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Salt's on demand pillar functionality vulnerable to arbitrary command injections
Details

An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.

References

Affected packages

PyPI / salt

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3006.0rc1
Fixed
3006.12
Introduced
3007.0rc1
Fixed
3007.4

Affected versions

3006.*
3006.0rc1
3006.0rc2
3006.0rc3
3006.0
3006.1
3006.2
3006.3
3006.4
3006.5
3006.6
3006.7
3006.8
3006.9
3006.10
3006.11
3007.*
3007.0rc1
3007.0
3007.1
3007.2
3007.3

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/salt/PYSEC-2026-1898.yaml"