salt vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-62349Highsalt: Salt Authentication Protocol Version Downgrade Allows Minion ImpersonationCVE-2025-62348Highsalt: Salt junos Module Vulnerable to Code Injection via Specially Crafted YAML PayloadCVE-2024-38824Criticalsalt: Salt vulnerable to directory traversal attack in file receiving methodCVE-2025-22242Mediumsalt: Salt's worker process vulnerable to denial of service through file read operationCVE-2025-22238Mediumsalt: Salt vulnerable to directory traversal attack in minion file cache creationCVE-2025-22237Mediumsalt: Salt's on demand pillar functionality vulnerable to arbitrary command injections CVE-2025-22241Mediumsalt: Salt's file contents overwrite the VirtKey classCVE-2025-22240Mediumsalt: Salt allows arbitrary directory creation or file deletionCVE-2025-22239Highsalt: Salt vulnerable to arbitrary event injectionCVE-2024-38825Mediumsalt: Salt's salt.auth.pki module does not properly authenticate callersCVE-2025-22236Highsalt: Salt has minion event bus authorization bypass vulnerabilityCVE-2023-34049Mediumsalt: Salt preflight script could be attacker controlledCVE-2024-22232Highsalt: Path traversal in saltstackCVE-2024-22231Mediumsalt: Directory creation by malicious user in saltstackCVE-2023-20897Mediumsalt: Salt vulnerable to denial of serviceCVE-2023-20898Mediumsalt: Salt can cause Git Providers to get wrong dataCVE-2022-22967Highsalt: Salt's PAM auth fails to reject locked accountsCVE-2021-22004Highsalt: Improper Authentication in SaltStack SaltCVE-2021-31607Highsalt: Command Injection in SaltStack SaltCVE-2021-25315Highsalt: Saltstack Salt Unauthenticated Arbitrary Code ExecutionCVE-2021-3144Criticalsalt: SaltStack Salt eauth tokens can be used once after expirationCVE-2021-3197Criticalsalt: SaltStack Salt is vulnerable to shell injection via ProxyCommand argumentCVE-2021-3148Criticalsalt: SaltStack Salt command injection in the Salt-API when using the Salt-SSH clientCVE-2021-25284Mediumsalt: SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod CVE-2021-25282Highsalt: SaltStack Salt Directory Traversal vulnerability

Stop the waste.
Protect your environment with Kodem.