PYSEC-2013-12

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/salt/PYSEC-2013-12.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2013-12

Aliases

CVE-2013-4435
GHSA-v89f-4mc4-h6w9

Published

2013-11-05T18:55:00Z

Modified

2024-05-01T11:41:22.304202Z

Summary

[none]

Details

Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.

References

http://docs.saltstack.com/topics/releases/0.17.1.html
http://www.openwall.com/lists/oss-security/2013/10/18/3

Affected packages

PyPI / salt

Package

Name: salt; View open source insights on deps.dev
Purl: pkg:pypi/salt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0.15.0

Fixed

0.17.1

Affected versions

0.*

0.15.0

0.15.1

0.15.2

0.15.3

0.15.90

0.16.0

0.16.1

0.16.2

0.16.3

0.16.4

0.17.0rc1

0.17.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/salt/PYSEC-2013-12.yaml"