rpm package
suse/py27-compat-salt&distro=SUSE Manager Server Module 4.0
pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-31607 | — | < 3000.3-4.3.3 | 3000.3-4.3.3 | Apr 23, 2021 | In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the s | ||
| CVE-2021-28657 | — | < 3000.3-4.3.3 | 3000.3-4.3.3 | Mar 31, 2021 | A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later. |
- CVE-2021-31607Apr 23, 2021affected < 3000.3-4.3.3fixed 3000.3-4.3.3
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the s
- CVE-2021-28657Mar 31, 2021affected < 3000.3-4.3.3fixed 3000.3-4.3.3
A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.