Saltproject IO

Security Announcements

Salt security advisory release - 2022-MAR-28

Mar 28, 2022

The Salt Project released a security update to Salt to address 4 vulnerabilities with a severity rating of Medium to High. We strongly recommend prioritizing this update. This is a security advisory release.

Read More

ATTENTION! Some critical vulnerabilities have been discovered in Salt versions 3004 and earlier

Mar 22, 2022

Some critical vulnerabilities have been discovered in Salt versions 3004 and earlier. The vulnerabilities range in rating from Medium to High based on the Common Vulnerability Scoring System (CVSS). We are preparing a CVE release to be available on Monday, March 28th.

Read More

Salt security advisory release - 2021-SEPT-2

Sep 2, 2021

The Salt Project released a security update to Salt to address 3 vulnerabilities with severity rating Medium to High. We strongly recommend prioritizing this update. This is a security advisory release.

Read More

Active Salt CVE Release 2021-FEB-25

Feb 25, 2021

The Salt Project has released a security update to address 10 vulnerabilities with severity rating Medium to High. We strongly recommend prioritizing this update.

Read More

UPDATE 2021-FEB-25 CVE Release Time Delay

Feb 25, 2021

Today the 2021-FEB-25 CVE Release is on-going and we are working through tasks. However, it is taking longer than expected. At this time we estimate a release time as 6 PM MST and 1 AM UTC. We apologize for the delay.

Read More

Salt Feb 4th CVE Release Delayed

Feb 4, 2021

Today’s scheduled CVE Release is delayed due to a bug found late in the release cycle. This CVE Release is now set for Thursday, February 25th, 2021 by noon MST and 7:00 PM UTC. We apologize for the inconvenience this delay causes.

Read More

Active Salt CVE Announcement - 2021-JAN-21

Jan 29, 2021

Several critical vulnerabilities have been discovered in Salt. These affect versions 3002 and earlier.Most of these, we expect the Common Vulnerability Scoring System (CVSS) rating to be high or critical. We quickly took actions to remediate once made aware of the vulnerabilities.

Read More

Active Salt CVE Release 2020-NOV-03

Nov 3, 2020

SaltStack has released a security update to Salt to address three critical vulnerabilities. We strongly recommend that you prioritize this update.

Read More

Active Salt CVE Announcement - 2020-OCT-30

Oct 30, 2020

Three related critical vulnerabilities have been discovered in Salt versions 3002 and earlier.

Read More