AVG-383

Package salt
Status Fixed
Severity Medium
Type directory traversal
Affected 2017.7.0-1
Fixed 2017.7.1-1
Current 2017.7.2-1 [community]
Ticket None
Created Tue Aug 15 16:43:38 2017
Issue Severity Remote Type Description
CVE-2017-12791 Medium Yes Directory traversal
It has been discovered that maliciously crafted minion IDs can cause unwanted directory traversals on the salt-master. The flaw is within the minion id...
Date Advisory Package Description
23 Aug 2017 ASA-201708-17 salt directory traversal
References
https://groups.google.com/forum/#!topic/salt-announce/3e5bNantdJk