Vendor
Salt Project
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38823 | Low | 0.18 | 2.7 | 0.00 | Jun 13, 2025 | Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport. | ||
| CVE-2024-38822 | Low | 0.18 | 2.7 | 0.00 | Jun 13, 2025 | Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion. |
- risk 0.18cvss 2.7epss 0.00
Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport.
- risk 0.18cvss 2.7epss 0.00
Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.