Vmware Salt Project vulnerabilities
2 known vulnerabilities affecting vmware/salt_project.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-22232P3HIGHCVSS 7.7fixed in 3005.5, 3006.62024-06-27
CVE-2024-22232 [HIGH] CWE-22 CVE-2024-22232: A specially crafted url can be created which leads to a directory traversal in the salt file server.
A specially crafted url can be created which leads to a directory traversal in the salt file server.
A malicious user can read an arbitrary file from a Salt master’s filesystem.
nvd
CVE-2024-22231P4MEDIUMCVSS 5.0fixed in 3005.5, 3006.62024-06-27
CVE-2024-22231 [MEDIUM] CWE-22 CVE-2024-22231: Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which
Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master.
nvd