Lucene search
K

4 matches found

Redos
Redos
added 2025/09/22 12:0 a.m.5 views

ROS-20250922-05

The MinIO object storage server vulnerability is related to a client key trust error if the public key matches the sshPublicKey attribute. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication and gain unauthorized access to the server. remotely to...

8.7CVSS7.1AI score0.02421EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/04 8:32 a.m.25 views

CVE-2025-31489

A flaw was found in the Minio package. The signature component of the authorization may be invalid, which would mean that, as a client, you can use any arbitrary secret to upload objects, given the user already has prior WRITE permissions on the bucket. Prior knowledge of the access key and bucke...

7.5CVSS7AI score0.02421EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.5 views

MinIO 数据伪造问题漏洞

MinIO is an open source object storage server from the US-based MinIO. The product supports building infrastructures for machine learning, analytics, and application data workloads. MinIO suffers from a data forgery issue vulnerability that stems from a potentially invalid authorization signature...

8.7CVSS7.4AI score0.02421EPSS
Exploits0References2
Prion
Prion
added 2017/07/25 2:29 p.m.14 views

Authorization

The MWOAuthDataStore::lookuptoken function in Extension:OAuth for MediaWiki 1.25.x before 1.25.3, 1.24.x before 1.24.4, and before 1.23.11 does not properly validate the signature when checking the authorization signature, which allows remote registered Consumers to use another Consumer's...

5CVSS7.1AI score0.02517EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder