CVE-2017-14696 - log back

CVE-2017-14696 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ It has been discovered that salt incorrectly handled IDs with null bytes in decoded payloads. A specially crafted authentication request will crash the application while processing.
References
+ https://groups.google.com/forum/#!topic/salt-announce/X8ZiQrZLujA
+ https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
Notes