Salad Vulnerability Disclosure (July 2024)
Salad customers were given full access to a Chef’s internal network on Salad versions 1.6.0 and earlier. It was possible for a customer to deploy a malicious container that could quickly scan and exploit vulnerable devices on a Chef’s home network.