MEDIUM 6.3 PyPI
salt leaks git usernames and passwords to the log
GHSA-q2x6-8gfj-hjxw · CVE-2015-6918 · PYSEC-2017-70
Published · Modified
Description
salt before 2015.5.5 leaks git usernames and passwords to the log.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2015-6918
- WEB https://github.com/saltstack/salt/issues/26484
- WEB https://github.com/saltstack/salt/pull/26486
- WEB https://github.com/saltstack/salt/commit/28aa9b105804ff433d8f663b2f9b804f2b75495a
- WEB https://bugzilla.redhat.com/show_bug.cgi?id=1257154
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2017-70.yaml
- PACKAGE https://github.com/saltstack/salt
Ready to move
Start Securing
Free, no credit card | First findings in minutes