CVE-2024-22232
Publication date 27 June 2024
Last updated 24 July 2024
Ubuntu priority
A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.
Status
Package | Ubuntu Release | Status |
---|---|---|
salt | 24.10 oracular | Not in release |
24.04 LTS noble | Not in release | |
22.04 LTS jammy |
Needs evaluation
|
|
20.04 LTS focal | Not in release | |
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|
|
14.04 LTS trusty | Ignored end of ESM support, was needs-triage |