SaltStack Salt Directory Traversal vulnerability in salt-api
Moderate severity
GitHub Reviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Oct 23, 2024
Package
Affected versions
>= 2017.7.0, < 2017.7.8
>= 2018.3.0, < 2018.3.3
>= 2016.11.0, < 2016.11.10
Patched versions
2017.7.8
2018.3.3
2016.11.10
Description
Published by the National Vulnerability Database
Oct 24, 2018
Published to the GitHub Advisory Database
May 13, 2022
Reviewed
Apr 22, 2024
Last updated
Oct 23, 2024
Directory Traversal vulnerability in salt-api in SaltStack Salt 2016.11.x before 2016.11.10, 2017.7.x before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.
References