CRITICAL🇵🇱 Wersja polska

CVE-2024-38824

CVSS 9.6v3.1pub. 2025-06-13upd. 2025-07-10

Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
  • Saltstack Salt

    APP
    Saltstack
    3006.0 – 3006.12 (bez)3007.0 – 3007.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2020-16846CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the...

CVE-2020-11651CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...

CVE-2021-33226CRITICAL9.8ten sam produkt

Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the...

CVE-2021-25315CRITICAL9.8ten sam produkt

CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumblew...

CVE-2021-25282CRITICAL9.1ten sam produkt

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is v...