CVE-2022-35919

🗓️ 01 Aug 2022 00:00:00Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 430 Views🌐 WEB

MinIO High Performance Object Storage, Unauthorized Path Acces

Reporter	Title	Published	Views	Family All 29
0day.today	Minio 2022-07-29T19-40-48Z - Path traversal Exploit	9 Oct 202300:00	–	zdt
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-29804, CVE-2022-30580, CVE-2022-30629, CVE-2022-30634, CVE-2022-35919, CVE-2022-31028)	17 Sep 202213:44	–	ibm
AlpineLinux	CVE-2022-35919	1 Aug 202200:00	–	alpinelinux
Circl	CVE-2022-35919	2 Aug 202207:55	–	circl
CNNVD	MinIO 路径遍历漏洞	1 Aug 202200:00	–	cnnvd
Cvelist	CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio	1 Aug 202200:00	–	cvelist
Exploit DB	Minio 2022-07-29T19-40-48Z - Path traversal	9 Oct 202300:00	–	exploitdb
EUVD	EUVD-2022-38786	3 Oct 202520:07	–	euvd
NVD	CVE-2022-35919	1 Aug 202222:15	–	nvd
OSV	BIT-MINIO-2022-35919 Authenticated requests for server update admin API allows path traversal in minio	6 Mar 202410:57	–	osv

NVD

Vulners

Node

minio minioRange<2022-07-29t19-40-48z

[
  {
    "vendor": "minio",
    "product": "minio",
    "versions": [
      {
        "version": "< RELEASE.2022-07-29T19-40-48Z",
        "status": "affected"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/175010/Minio-2022-07-29T19-40-48Z-Path-Traversal.html
github	www.github.com/minio/minio/commit/bc72e4226e669d98c8e0f3eccc9297be9251c692
github	www.github.com/minio/minio/security/advisories/GHSA-gr9v-6pcm-rqvg
github	www.github.com/minio/minio/pull/15429