7 matches found
CVE-2023-25812
Minio is a Multi-Cloud Object Storage framework. Affected versions do not correctly honor a Deny policy on ByPassGoverance. Ideally, minio should return "Access Denied" to all users attempting to DELETE a versionId with the special header X-Amz-Bypass-Governance-Retention: true. However, this was...
Security Bulletin: Vulnerabilities in Python, OpenSSH, Golang Go, Minio and Redis may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift can be affected by vulnerabilities in Python, OpenSSH, Golang Go, Minio and Redis. Vulnerabilities include denial of service, gain elevated privileges on the system, allow a remote attacker to execute...
CVE-2023-25812
creationtimestamp| type| source ---|---|--- 2023-02-22 00:47:06+00:00| seen| https://t.me/cibsecurity/58647...
CVE-2023-25812
Minio is a Multi-Cloud Object Storage framework. Affected versions do not correctly honor a Deny policy on ByPassGoverance. Ideally, minio should return "Access Denied" to all users attempting to DELETE a versionId with the special header X-Amz-Bypass-Governance-Retention: true. However, this was...
CVE-2023-25812
CVE-2023-25812 (Minio) affects Minio, a multi-cloud object storage framework. Affected versions fail to honor a Deny policy when receiving the header X-Amz-Bypass-Governance-Retention: true, allowing a request to delete a versionId under governance. The issue states that such requests are incorre...
CVE-2023-25812 Allowed DELETE on resources on object locked buckets under Governance mode in Minio
Minio is a Multi-Cloud Object Storage framework. Affected versions do not correctly honor a Deny policy on ByPassGoverance. Ideally, minio should return "Access Denied" to all users attempting to DELETE a versionId with the special header X-Amz-Bypass-Governance-Retention: true. However, this was...
CVE-2023-25812 Allowed DELETE on resources on object locked buckets under Governance mode in Minio
Minio is a Multi-Cloud Object Storage framework. Affected versions do not correctly honor a Deny policy on ByPassGoverance. Ideally, minio should return "Access Denied" to all users attempting to DELETE a versionId with the special header X-Amz-Bypass-Governance-Retention: true. However, this was...