CVE-2021-33226
on github
Published
Severity
CVSS v3:
9.8 CRITICAL
CVSS v2:
N/A
Description
Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* | n/a | 3003 (including) | * |