ALT-PU-2024-3653-1
Package salt updated to version 3006.6-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Published: 2024-06-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2024-22231
Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master.
References:
Published: 2024-06-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2024-22232
A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.
References: