CVE-2014-3563

描述

Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

受影響套件(2)

• PyPI/saltfrom 0, < 2014.1.10
• PyPI/saltfrom 0, < 2014.1.10

參考連結(7)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2014-3563
• PATCHhttps://github.com/saltstack/salt
• WEBhttp://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html
• WEBhttp://seclists.org/oss-sec/2014/q3/428
• WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/95392
• WEBhttps://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2014-18.yaml
• WEBhttp://www.securityfocus.com/bid/69319