Description

Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pub_ret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by attempting to read from a filename that will not return any data, e.g. by targeting a pipe node on the proc file system.

INFO

Published Date :

2025-06-13T07:08:12.518Z

Last Modified :

2025-06-17T17:25:29.513Z

Source :

vmware
AFFECTED PRODUCTS

The following products are affected by CVE-2025-22242 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-22242.

URL Resource
https://docs.saltproject.io/en/3006/topics/releases/3006.12.html cve-icon cve-icon
https://docs.saltproject.io/en/3007/topics/releases/3007.4.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact