{"id":"PYSEC-2014-18","details":"Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.","aliases":["CVE-2014-3563","GHSA-mfr3-9cj8-h2qm"],"modified":"2024-04-22T22:41:39.928096Z","published":"2014-08-22T17:55:00Z","references":[{"type":"WEB","url":"http://seclists.org/oss-sec/2014/q3/428"},{"type":"WEB","url":"http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/69319"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/95392"}],"affected":[{"package":{"name":"salt","ecosystem":"PyPI","purl":"pkg:pypi/salt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2014.1.10"}]}],"versions":["0.10.0","0.10.1","0.10.2","0.10.3","0.10.4","0.10.5","0.11.0","0.11.1","0.12.0","0.12.1","0.13.0","0.13.1","0.13.2","0.13.3","0.14.0","0.14.1","0.15.0","0.15.1","0.15.2","0.15.3","0.15.90","0.16.0","0.16.1","0.16.2","0.16.3","0.16.4","0.17.0","0.17.0rc1","0.17.1","0.17.2","0.17.3","0.17.4","0.17.5","0.8.7","0.8.9","0.9.0","0.9.1","0.9.2","0.9.3","0.9.4","0.9.5","0.9.6","0.9.7","0.9.8","0.9.9","0.9.9.1","2014.1.0","2014.1.0rc1","2014.1.0rc2","2014.1.0rc3","2014.1.1","2014.1.2","2014.1.3","2014.1.4","2014.1.5","2014.1.6","2014.1.7","2014.1.8","2014.1.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/salt/PYSEC-2014-18.yaml"}}],"schema_version":"1.7.3"}