rustfs 安全漏洞

RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-beta.2 contained a security vulnerability. This vulnerability stemmed from improper authorization in the UploadPartCopy operation, allowing objects to be copied across buckets without enforci...

CVE-2026-33221 Nhost Storage Affected by MIME Type Spoofing via Trusted Client Content-Type Header in Storage Upload

Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.12.0, the storage service's file upload handler trusts the client-provided Content-Type header without performing server-side MIME type detection. This allows an attacker to upload files with an arbitrary MIME type,...

CVE-2026-33221

CVE-2026-33221 affects the Nhost storage upload component. Before v0.12.0, the storage service trusts the client-provided Content-Type header and does not perform server-side MIME type detection, enabling an attacker to upload files with arbitrary MIME types and bypass MIME-type-based bucket rest...

CVE-2026-33221

Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.12.0, the storage service's file upload handler trusts the client-provided Content-Type header without performing server-side MIME type detection. This allows an attacker to upload files with an arbitrary MIME type,...