CVE-2021-3144: Insufficient Session Expiration
(updated )
In SaltStack Salt, eauth
tokens can be used once after expiration. They might be used to run command against the salt master or minions
.
References
Detect and mitigate CVE-2021-3144 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →