CVE-2023-28432

Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIOSECRETKEY and MINIOROOTPASSWORD, resulting in information disclosure. All users of...

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added three security flaws to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The three vulnerabilities are as follows - CVE-2023-28432 CVSS score - 7.5 - MinIO Information Disclosu...