CVE-2018-15750

Priority
Description
Directory Traversal vulnerability in salt-api in SaltStack Salt before
2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine
which files exist on the server.
Notes
Package
Source: salt (LP Ubuntu Debian)
Upstream:released (2018.3.3+dfsg1-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):released (2015.8.8+ds-1ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (2017.7.4+dfsg1-1ubuntu18.04.2)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):not-affected
More Information

Updated: 2020-09-10 05:51:19 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)