Jonathan Schlue discovered a vulnerability in Salt, a powerful remote execution manager. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
Several vulnerabilities were discovered in Icinga 2, a general-purpose monitoring application. An attacker could retrieve sensitive information such as service passwords and ticket salt by querying the web API, or by intercepting unsufficiently checked encrypted
Multiple security vulnerabilities have been discovered in Salt, a powerful remote execution manager, that allow for local privilege escalation on a minion, server side template injection attacks, insufficient checks for eauth credentials, shell and command injections or incorrect validation of