4 matches found
ROS-20250922-05
The MinIO object storage server vulnerability is related to a client key trust error if the public key matches the sshPublicKey attribute. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication and gain unauthorized access to the server. remotely to...
CVE-2025-31489
A flaw was found in the Minio package. The signature component of the authorization may be invalid, which would mean that, as a client, you can use any arbitrary secret to upload objects, given the user already has prior WRITE permissions on the bucket. Prior knowledge of the access key and bucke...
MinIO 数据伪造问题漏洞
MinIO is an open source object storage server from the US-based MinIO. The product supports building infrastructures for machine learning, analytics, and application data workloads. MinIO suffers from a data forgery issue vulnerability that stems from a potentially invalid authorization signature...
Authorization
The MWOAuthDataStore::lookuptoken function in Extension:OAuth for MediaWiki 1.25.x before 1.25.3, 1.24.x before 1.24.4, and before 1.23.11 does not properly validate the signature when checking the authorization signature, which allows remote registered Consumers to use another Consumer's...