Known Vulnerabilities for Salt by Saltstack
Listed below are 10 of the newest known vulnerabilities associated with "Salt" by "Saltstack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-43873 json | WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php ech... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-42610 json | Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user (EX: Content Editor with only pages.update pe... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-41893 json | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoin... | Not Provided | 2026-05-09 | 2026-05-09 |
| CVE-2026-5088 json | Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _mak... | Not Provided | 2026-04-15 | 2026-05-01 |
| CVE-2026-4430 json | Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encrypti... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2023-20898 json | Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior t... | 7.8 - HIGH | 2023-09-05 | 2023-09-14 |
| CVE-2023-20897 json | Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request ser... | 5.3 - MEDIUM | 2023-09-05 | 2023-09-14 |
| CVE-2023-1430 json | The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data i... | 5.3 - MEDIUM | 2023-06-09 | 2026-04-08 |
| CVE-2022-22967 json | An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts... | 8.8 - HIGH | 2022-06-23 | 2023-12-21 |
| CVE-2022-22941 json | An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, ... | 8.8 - HIGH | 2022-03-29 | 2023-12-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Saltstack | Salt | 3002.2 | |||
| Application | Saltstack | Salt | 3002.1 | |||
| Application | Saltstack | Salt | 3002 | |||
| Application | Saltstack | Salt | 3001.3 | |||
| Application | Saltstack | Salt | 3001.2 | |||
| Application | Saltstack | Salt | 3001.1 | |||
| Application | Saltstack | Salt | 3001 | |||
| Application | Saltstack | Salt | 3000.3 | |||
| Application | Saltstack | Salt | 3000.2 | |||
| Application | Saltstack | Salt | 3000.13 | |||
| Application | Saltstack | Salt | 3000.1 | |||
| Application | Saltstack | Salt | 3000.0 | |||
| Application | Saltstack | Salt | 3000 | |||
| Application | Saltstack | Salt | 2019.8.0 | |||
| Application | Saltstack | Salt | 2019.2.5 | |||
| Application | Saltstack | Salt | 2019.2.4 | |||
| Application | Saltstack | Salt | 2019.2.3 | |||
| Application | Saltstack | Salt | 2019.2.2 | |||
| Application | Saltstack | Salt | 2019.2.1 | |||
| Application | Saltstack | Salt | 2019.2.0 |