VYPR

rpm package

suse/saltbundlepy-msgpack&distro=SUSE:EL-9:Update:Products:SaltBundle:Update

pkg:rpm/suse/saltbundlepy-msgpack&distro=SUSE:EL-9:Update:Products:SaltBundle:Update

Vulnerabilities (14)

  • CVE-2025-62349MedJan 30, 2026
    affected < 1.1.0-1.17.1fixed 1.1.0-1.17.1

    Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to p

  • CVE-2025-62348HigJan 30, 2026
    affected < 1.1.0-1.17.1fixed 1.1.0-1.17.1

    Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process.

  • CVE-2024-38824CriJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.

  • CVE-2025-22242MedJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pub_ret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this

  • CVE-2025-22241MedJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a sp

  • CVE-2025-22240MedJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgt_env” variable. This can be exploited by an attacker to delete any file on the Master's process has permissions to.

  • CVE-2025-22239HigJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Arbitrary event injection on Salt Master. The master's "_minion_event" method can be used by and authorized minion to send arbitrary events onto the master's event bus.

  • CVE-2025-22238MedJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory.

  • CVE-2025-22237MedJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process.

  • CVE-2025-22236HigJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007.0).

  • CVE-2024-38825MedJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for t

  • CVE-2024-38823LowJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport.

  • CVE-2024-38822LowJun 13, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.

  • CVE-2025-47287HigMay 15, 2025
    affected < 1.0.7-1.14.1fixed 1.0.7-1.14.1

    Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high vo