Vulnerability CVE-2023-27043 detected for the Minion packages deployed by Salt Master

Vulnerability CVE-2023-27043 detected for the Minion packages deployed by Salt Master

search cancel

Vulnerability CVE-2023-27043 detected for the Minion packages deployed by Salt Master

book

Article ID: 387747

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Vulnerability scans show a vulnerability in the 3005.3 version of the Salt Minion.

Environment

Aria Automation Config 8.x
Salt 3005.3

Cause

Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple - [CVE-2023-27043] Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple · Issue #102988 · python/cpython

Resolution

Upgrade to Salt 3006.8 or above, which has resolved Python package of 3.11.9-4.ph5.

Feedback

thumb_up Yes

thumb_down No