10 matches found
CVE-2022-35919
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
Minio 2022-07-29T19-40-48Z Path Traversal
Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Date: 2023-09-02 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before executio...
Minio 2022-07-29T19-40-48Z - Path traversal Exploit
Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before execution: pip install...
Minio 2022-07-29T19-40-48Z - Path traversal
Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Date: 2023-09-02 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before executio...
CVE-2022-35919
creationtimestamp| type| source ---|---|--- 2022-08-02 07:55:43+00:00| seen| https://t.me/cibsecurity/47396...
CVE-2022-35919
Summary: CVE-2022-35919 affects MinIO by enabling path traversal via the admin:ServerUpdate API when an authenticated admin triggers a specific error, exposing contents readable by the MinIO process. Related sources describe affected versions and a fix path. Impact (as stated): potential exposure...
CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
CVE-2022-35919
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...