Critical severity9.1NVD Advisory· Published Feb 7, 2017· Updated Jun 17, 2026
CVE-2016-9639
CVE-2016-9639
Description
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
saltPyPI | < 2015.8.11 | 2015.8.11 |
Affected products
16- ghsa-coords15 versionspkg:pypi/saltpkg:rpm/suse/osad&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/osad&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%203pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2012%20SP2pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/salt&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/salt&distro=SUSE%20Manager%20Proxy%203.0pkg:rpm/suse/salt&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/spacewalk-backend&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS
< 2015.8.11+ 14 more
- (no CPE)range: < 2015.8.11
- (no CPE)range: < 5.11.64.3-5.1
- (no CPE)range: < 5.11.64.3-5.1
- (no CPE)range: < 2015.8.12-27.5
- (no CPE)range: < 2015.8.12-27.5
- (no CPE)range: < 2015.8.12-27.5
- (no CPE)range: < 2015.8.12-27.1
- (no CPE)range: < 2015.8.12-27.1
- (no CPE)range: < 2015.8.12-27.5
- (no CPE)range: < 2015.8.12-27.5
- (no CPE)range: < 2015.8.12-27.5
- (no CPE)range: < 2.5.24.7-16.1
- (no CPE)range: < 2.5.24.7-16.1
- (no CPE)range: < 3.0.5-5.1
- (no CPE)range: < 3.0.5-5.1
Patches
Vulnerability mechanics
References
9- www.openwall.com/lists/oss-security/2016/11/25/2nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2016/11/25/3nvdMailing ListThird Party AdvisoryWEB
- www.securityfocus.com/bid/94553nvdThird Party AdvisoryVDB Entry
- docs.saltstack.com/en/2015.8/ref/configuration/master.htmlnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-hvmj-356c-gpf4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-9639ghsaADVISORY
- docs.saltproject.io/en/latest/topics/releases/2015.8.11.htmlghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-34.yamlghsaWEB
- web.archive.org/web/20200227212146/http://www.securityfocus.com/bid/94553ghsaWEB
News mentions
0No linked articles in our index yet.