VYPR

rpm package

suse/saltbundlepy-m2crypto&distro=SUSE:EL-9:Update:Products:SaltBundle:Update

pkg:rpm/suse/saltbundlepy-m2crypto&distro=SUSE:EL-9:Update:Products:SaltBundle:Update

Vulnerabilities (18)

  • CVE-2025-62349MedJan 30, 2026
    affected < 0.45.1-1.15.1fixed 0.45.1-1.15.1

    Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to p

  • CVE-2025-62348HigJan 30, 2026
    affected < 0.45.1-1.15.1fixed 0.45.1-1.15.1

    Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process.

  • CVE-2025-67726Dec 12, 2025
    affected < 0.45.1-1.18.2fixed 0.45.1-1.18.2

    Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The _parseparam function in httputil.py is used to parse specific HTTP header va

  • CVE-2025-67725Dec 12, 2025
    affected < 0.45.1-1.18.2fixed 0.45.1-1.18.2

    Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's event loop for an extended period, caused by the HTTPHeaders.add method. The function accumulates values using stri

  • CVE-2025-67724Dec 12, 2025
    affected < 0.45.1-1.18.2fixed 0.45.1-1.18.2

    Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied reason phrase is used unescaped in HTTP headers (where it could be used for header injection) or in HTML in the default error page (where it could be used for XSS) and

  • CVE-2025-13836HigDec 1, 2025
    affected < 0.45.1-1.18.2fixed 0.45.1-1.18.2

    When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

  • CVE-2025-22242MedJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pub_ret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this

  • CVE-2025-22241MedJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a sp

  • CVE-2025-22240MedJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgt_env” variable. This can be exploited by an attacker to delete any file on the Master's process has permissions to.

  • CVE-2025-22239HigJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Arbitrary event injection on Salt Master. The master's "_minion_event" method can be used by and authorized minion to send arbitrary events onto the master's event bus.

  • CVE-2025-22238MedJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory.

  • CVE-2025-22237MedJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.

  • CVE-2025-22236HigJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007.0).

  • CVE-2024-38825MedJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for t

  • CVE-2024-38823LowJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport.

  • CVE-2024-38822LowJun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.

  • CVE-2024-38824Jun 13, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.

  • CVE-2025-47287May 15, 2025
    affected < 0.45.1-1.12.1fixed 0.45.1-1.12.1

    Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high vo