Launchpad.net

CVE 2021-25283

An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.

See the CVE page on Mitre.org for more details.