Total vulnerabilities in the database
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
| Software | From | Fixed in |
|---|---|---|
| saltstack / salt | 3000 | 3000.2 |
| saltstack / salt | - | 2019.2.4 |
| opensuse / leap | 15.1 | 15.1.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| blackberry / workspaces_server | 9.1.0 | 9.1.0.x |
| blackberry / workspaces_server | - | 7.1.3.x |
| blackberry / workspaces_server | 8.0.0 | 8.2.6.x |
| vmware / application_remote_collector | 8.0.0 | 8.0.0.x |
| vmware / application_remote_collector | 7.5.0 | 7.5.0.x |