Ubuntu CVE Tracker
Home
Main
Universe
Partner
CVE-2021-21996
Priority
Medium
Description
An issue was discovered in SaltStack Salt before 3003.3. A user who has
control of the source, and source_hash URLs can gain full file system
access as root on a salt minion.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21996
https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
Notes
Package
Source:
salt
(
LP
Ubuntu
Debian
)
Upstream:
needs-triage
Ubuntu 18.04 LTS
:
needs-triage
Ubuntu 20.04 LTS:
DNE
Ubuntu 21.10
:
needs-triage
Ubuntu 22.04 LTS
:
needs-triage
Ubuntu 14.04 ESM:
DNE
Patches:
More Information
Mitre
NVD
Launchpad
Debian
Updated
: 2022-04-25 00:52:21 UTC (commit
ecc1009cb19540b950de59270950018900f37f15
)