[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:21218-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":68,"epss":9,"epss_history":69,"metrics":70,"affected":71},"SUSE-SU-2025:21218-1","Security update for salt\n\nThis update for salt fixes the following issues:\n\nsalt:\n\n- Security issues fixed:\n\n  - CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257)\n  - CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256)\n  - Backport security fixes for vendored tornado\n    * BDSA-2024-3438\n    * BDSA-2024-3439\n    * BDSA-2024-9026\n\n- Other changes and bugs fixed:\n\n  - Added `minion_legacy_req_warnings` option to avoid noisy warnings\n  - Fixed TLS and x509 modules for OSes with older cryptography module\n  - Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244)\n    * Use external tornado on Python > 3.11\n    * Make tls and x509 to use python-cryptography\n    * Remove usage of spwd\n  - Fixed payload signature verification on Tumbleweed (bsc#1251776)\n  - Fixed broken symlink on migration to Leap 16.0 (bsc#1250755)\n  - Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)\n  - Fixed functional.states.test_user for SLES 16 and Micro systems\n  - Fixed the tests failing on AlmaLinux 10 and other clones\n  - Improved SL Micro 6.2 detection with grains\n  - Require Python dependencies only for used Python version\n  - Reverted requirement of M2Crypto >= 0.44.0 for SUSE Family distros\n  - Set python-CherryPy as required for python-salt-testsuite\n\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-62348",{"_key":17},"CVE-2025-62349",[],[],[21,22],{"_key":15},{"_key":17},"2025-12-16T08:19:40Z","2026-03-23T04:51:16.862303Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,47,51,55,59,64],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2025/suse-su-202521218-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1227207",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/1250520",[31],[38],{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1250755",[31],[38],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/1251776",[31],[38],{"url":52,"sources":53,"tags":54},"https://bugzilla.suse.com/1252244",[31],[38],{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1252285",[31],[38],{"url":60,"sources":61,"tags":62},"https://www.suse.com/security/cve/CVE-2025-62348",[31],[63],"WEB",{"url":65,"sources":66,"tags":67},"https://www.suse.com/security/cve/CVE-2025-62349",[31],[63],[],[],[],[72],{"ecosystem":73,"name":74,"vendor":75,"product":76,"cpe_part":9,"purl_type":77,"purl_namespace":75,"purl_name":76,"source":9,"versions":78},"SUSE Linux Enterprise","salt","suse","salt&distro=SUSE Linux Micro 6.1","rpm",[79],{"version":80,"is_range":81,"range_type":82,"version_start":9,"version_start_type":9,"version_end":83,"version_end_type":84,"fixed_in":9},"lt3006_0_slfo_1_1_5_1",true,"ecosystem","3006.0-slfo.1.1_5.1","excluding"]