Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.
                
            References
                    | Link | Resource | 
|---|---|
| https://docs.saltproject.io/en/3006/topics/releases/3006.12.html | Release Notes Vendor Advisory | 
| https://docs.saltproject.io/en/3007/topics/releases/3007.4.html | Release Notes Vendor Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    10 Jul 2025, 00:34
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time | Saltstack Saltstack salt | |
| CPE | cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* | |
| References | () https://docs.saltproject.io/en/3006/topics/releases/3006.12.html - Release Notes, Vendor Advisory | |
| References | () https://docs.saltproject.io/en/3007/topics/releases/3007.4.html - Release Notes, Vendor Advisory | 
16 Jun 2025, 18:15
| Type | Values Removed | Values Added | 
|---|---|---|
| CWE | CWE-22 | 
16 Jun 2025, 12:32
| Type | Values Removed | Values Added | 
|---|---|---|
| Summary | 
 | 
13 Jun 2025, 08:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2025-06-13 08:15
Updated : 2025-07-10 00:34
NVD link : CVE-2024-38824
Mitre link : CVE-2024-38824
CVE.ORG link : CVE-2024-38824
JSON object : View
Products Affected
                saltstack
- salt
CWE
                
                    
                        
                        CWE-22
                        
            Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
