Critical severity9.1NVD Advisory· Published Feb 7, 2017· Updated May 13, 2026
CVE-2016-9639
CVE-2016-9639
Description
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
saltPyPI | < 2015.8.11 | 2015.8.11 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.openwall.com/lists/oss-security/2016/11/25/2nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2016/11/25/3nvdMailing ListThird Party AdvisoryWEB
- www.securityfocus.com/bid/94553nvdThird Party AdvisoryVDB Entry
- docs.saltstack.com/en/2015.8/ref/configuration/master.htmlnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-hvmj-356c-gpf4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-9639ghsaADVISORY
- docs.saltproject.io/en/latest/topics/releases/2015.8.11.htmlghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-34.yamlghsaWEB
- web.archive.org/web/20200227212146/http://www.securityfocus.com/bid/94553ghsaWEB
News mentions
0No linked articles in our index yet.