AVG-2354 log

Package salt
Status Fixed
Severity Medium
Type arbitrary filesystem access
Affected 3003.2-1
Fixed 3003.3-1
Current 3004-4 [community]
Ticket None
Created Thu Sep 9 12:07:31 2021
Issue Severity Remote Type Description
CVE-2021-21996 Medium Yes Arbitrary filesystem access
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root...