CVE-2024-22231

Name

CVE-2024-22231

Description

Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Source package	Branch	Version	Maintainer	Status
salt	edge-community	3006.6-r0	Kevin Daudt <kdaudt@alpinelinux.org>	fixed
salt	3.22-community	3006.6-r0	None	fixed
salt	3.21-community	3006.6-r0	None	fixed
salt	3.20-community	3006.6-r0	None	fixed
salt	3.19-community	3006.6-r0	Kevin Daudt <kdaudt@alpinelinux.org>	fixed

References

Match rules

Vulnerable and fixed packages