Описание
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.17.5+ds-1 |
| esm-infra-legacy/trusty | not-affected | 0.17.5+ds-1 |
| lucid | DNE | |
| precise | DNE | |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | not-affected | 0.17.5+ds-1 |
| trusty/esm | not-affected | 0.17.5+ds-1 |
| upstream | released | 0.17.1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute ...
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe.
EPSS
7.5 High
CVSS2