FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
50127e44-7b88-4ade-8e12-5d57320823f1salt -- multiple vulnerabilities

SaltStack reports:

Directory traversal vulnerability in minion id validation in SaltStack. Allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. Credit for discovering the security flaw goes to: Julian Brost (julian@0x4a42.net). NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-12791.

Remote Denial of Service with a specially crafted authentication request. Credit for discovering the security flaw goes to: Julian Brost (julian@0x4a42.net)


Discovery 2017-10-09
Entry 2017-11-23
py27-salt
py32-salt
py33-salt
py34-salt
py35-salt
py36-salt
< 2016.11.8

ge 2017.7.0 lt 2017.7.2

CVE-2017-14695
CVE-2017-14696
https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html
https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.8.html
https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b