MEDIUM 4.2

GHSA-r546-h3ff-q585

Salt vulnerable to directory traversal attack in minion file cache creation

Details

Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack, which could be leveraged to write or overwrite 'cache' files outside of the cache directory.

Affected packages

PyPI / salt
Introduced in: 3006.0rc1. Fixed in: 3006.12.
Fix: pip install --upgrade 'salt>=3006.12'

PyPI / salt
Introduced in: 3007.0rc1. Fixed in: 3007.4.
Fix: pip install --upgrade 'salt>=3007.4'
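
To check a host against the two affected ranges listed above, the following is an added example (not part of the advisory or of Salt itself). The function names and the simplified version parser, which handles only the `N.N` and `N.NrcN` forms, are assumptions of this example.

```python
import re
from importlib import metadata

# Affected ranges copied from the advisory: (introduced, fixed); fixed is exclusive.
AFFECTED_RANGES = [("3006.0rc1", "3006.12"), ("3007.0rc1", "3007.4")]

# Simplified parser (assumption): major, optional minor, optional rc suffix.
_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:rc(\d+))?")


def parse_version(text):
    """Turn '3006.0rc1' or '3007.4' into a sortable (major, minor, stage, rc) tuple."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised Salt version: {text!r}")
    major, minor, rc = match.groups()
    # A release candidate sorts before the final release with the same number.
    stage, rc_num = (0, int(rc)) if rc is not None else (1, 0)
    return (int(major), int(minor or 0), stage, rc_num)


def fixed_version_for(version):
    """Return the fixed release for an affected version, or None if unaffected."""
    parsed = parse_version(version)
    for introduced, fixed in AFFECTED_RANGES:
        if parse_version(introduced) <= parsed < parse_version(fixed):
            return fixed
    return None


def check_installed():
    """Report on the salt distribution installed in the current environment."""
    try:
        installed = metadata.version("salt")
    except metadata.PackageNotFoundError:
        return "salt is not installed in this environment"
    fixed = fixed_version_for(installed)
    if fixed is None:
        return f"salt {installed}: outside the affected ranges"
    return f"salt {installed}: affected, run pip install --upgrade 'salt>={fixed}'"


if __name__ == "__main__":
    print(check_installed())
```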