Yudi Zhao

**Name of the Vulnerable Software and Affected Versions** Salt (affected versions not specified) **Description** The issue is related to a directory traversal attack in the Salt project, specifically in the Syndic cache directory creation. This could allow a malicious attacker to create an arbitrary directory on a Salt master. The vulnerability may also be exploited to execute arbitrary code remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Salt (affected versions not specified) **Description** The issue is related to the creation of specially crafted URLs, leading to directory traversal on the Salt file server. This can allow a malicious user to read arbitrary files from a Salt master's filesystem. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.