VYPR
High severity8.8NVD Advisory· Published Mar 29, 2022· Updated Jun 17, 2026

CVE-2022-22936

CVE-2022-22936

Description

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A sufficient craft attacker could gain root access on minion under certain scenarios.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
saltPyPI
< 3002.83002.8
saltPyPI
>= 3003, < 3003.43003.4
saltPyPI
>= 3004, < 3004.13004.1

Affected products

35

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.