
We found results for “”
CVE-2025-22238
Good to know:


Date: June 13, 2025
Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory.
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-22Top Fix

Upgrade Version
Upgrade to version salt - 3006.12;salt - 3007.4;salt - 3006.12;salt - 3007.4;https://github.com/saltstack/salt.git - v3006.12;https://github.com/saltstack/salt.git - v3007.4
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | HIGH |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | HIGH |
Availability (A): | NONE |