AVG-1147 log

Package salt
Status Fixed
Severity Critical
Type multiple issues
Affected 2019.2.3-1
Fixed 2019.2.4-1
Current 2019.2.4-1 [community]
Ticket None
Created Tue May 5 12:12:10 2020
Issue Severity Remote Type Description
CVE-2020-11652 Critical Yes Arbitrary filesystem access
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods...
CVE-2020-11651 Critical Yes Arbitrary command execution
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method...
Date Advisory Package Description
05 May 2020 ASA-202005-1 salt multiple issues