Safety vulnerability ID: 39159
The information on this page was manually curated by our Cybersecurity Intelligence Team.
An issue was discovered in SaltStack Salt before 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
Latest version: 3007.0
Portable, distributed, remote execution and configuration management system
===========
Fixed
-----
- Prevent shell injections in netapi ssh client (cve-2020-16846)
- Prevent creating world readable private keys with the tls execution module. (cve-2020-17490)
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application