VYPR

rpm package

suse/py27-compat-salt&distro=SUSE Manager Server Module 4.0

pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.0

Vulnerabilities (2)

  • CVE-2021-31607Apr 23, 2021
    affected < 3000.3-4.3.3fixed 3000.3-4.3.3

    In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the s

  • CVE-2021-28657Mar 31, 2021
    affected < 3000.3-4.3.3fixed 3000.3-4.3.3

    A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.