[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2026:20000-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":63,"epss":9,"epss_history":64,"metrics":65,"affected":66},"OPENSUSE-SU-2026:20000-1","Security update for salt\n\nThis update for salt fixes the following issues:\n\nChanges in salt:\n\n- Add minimum_auth_version to enforce security (CVE-2025-62349)\n- Backport security fixes for vendored tornado\n  * BDSA-2024-3438\n  * BDSA-2024-3439\n  * BDSA-2024-9026\n- Junos module yaml loader fix (CVE-2025-62348)\n- Require Python dependencies only for used Python version\n- Fix TLS and x509 modules for OSes with older cryptography module\n- Fix Salt for Python > 3.11 (bsc#1252285, bsc#1252244)\n- Fix payload signature verification on Tumbleweed (bsc#1251776)\n- Fix broken symlink on migration to Leap 16.0 (bsc#1250755)\n- Use versioned python interpreter for salt-ssh\n- Fix known_hosts error on gitfs (bsc#1250520, bsc#1227207)\n- Revert require M2Crypto >= 0.44.0 for SUSE Family distros\n- Improve SL Micro 6.2 detection with grains\n- Fix the tests failing on AlmaLinux 10 and other clones\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-62348",{"_key":17},"CVE-2025-62349",[],[],[21,22],{"_key":15},{"_key":17},"2025-12-23T09:11:50Z","2026-03-23T04:54:40.668263Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,38,42,46,50,54,59],{"url":29,"sources":30,"tags":32},"https://bugzilla.suse.com/1227207",[31],"osv_opensuse",[33],"REPORT",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1250520",[31],[33],{"url":39,"sources":40,"tags":41},"https://bugzilla.suse.com/1250755",[31],[33],{"url":43,"sources":44,"tags":45},"https://bugzilla.suse.com/1251776",[31],[33],{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1252244",[31],[33],{"url":51,"sources":52,"tags":53},"https://bugzilla.suse.com/1252285",[31],[33],{"url":55,"sources":56,"tags":57},"https://www.suse.com/security/cve/CVE-2025-62348",[31],[58],"WEB",{"url":60,"sources":61,"tags":62},"https://www.suse.com/security/cve/CVE-2025-62349",[31],[58],[],[],[],[67,80],{"ecosystem":68,"name":69,"vendor":70,"product":71,"cpe_part":9,"purl_type":72,"purl_namespace":70,"purl_name":71,"source":9,"versions":73},"openSUSE","salt-test","opensuse","salt-test&distro=openSUSE Leap 16.0","rpm",[74],{"version":75,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":78,"version_end_type":79,"fixed_in":9},"lt3006_0_160000_3_1",true,"ecosystem","3006.0-160000.3.1","excluding",{"ecosystem":68,"name":81,"vendor":70,"product":82,"cpe_part":9,"purl_type":72,"purl_namespace":70,"purl_name":82,"source":9,"versions":83},"salt","salt&distro=openSUSE Leap 16.0",[84],{"version":75,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":78,"version_end_type":79,"fixed_in":9}]