CVE-2024-22232 Information

Description

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.

Reference

https://saltproject.io/security-announcements/2024-01-31-advisory/ A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.