Vmware Salt
11 CVEs affecting Vmware Salt. Latest disclosed: 2025-06-13. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-38824 | Critical | 9.6 | 2025-06-13 | Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory. |
CVE-2025-22239 | High | 8.1 | 2025-06-13 | Arbitrary event injection on Salt Master. The master's "_minion_event" method can be used by and authorized minion to send arbitrary events onto the master's e… |
CVE-2025-22236 | High | 8.1 | 2025-06-13 | Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007… |
CVE-2025-22237 | Medium | 6.7 | 2025-06-13 | An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary comma… |
CVE-2024-38825 | Medium | 6.4 | 2025-06-13 | The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate… |
CVE-2025-22240 | Medium | 6.3 | 2025-06-13 | Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from th… |
CVE-2025-22242 | Medium | 5.6 | 2025-06-13 | Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pub_ret” method which is exposed to all minions. The un-… |
CVE-2025-22241 | Medium | 5.6 | 2025-06-13 | File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory… |
CVE-2025-22238 | Medium | 4.2 | 2025-06-13 | Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to… |
CVE-2024-38823 | Low | 2.7 | 2025-06-13 | Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport. |
CVE-2024-38822 | Low | 2.7 | 2025-06-13 | Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion. |