Lucene search
K

5 matches found

Chainguard
Chainguard
added 2025/04/07 1:13 p.m.17 views

CVE-2025-31489 vulnerabilities

Vulnerabilities for packages: minio...

8.7CVSS7.2AI score0.02421EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/04 8:32 a.m.25 views

CVE-2025-31489

A flaw was found in the Minio package. The signature component of the authorization may be invalid, which would mean that, as a client, you can use any arbitrary secret to upload objects, given the user already has prior WRITE permissions on the bucket. Prior knowledge of the access key and bucke...

7.5CVSS7AI score0.02421EPSS
Exploits0References5
Circl
Circl
added 2025/04/03 8:33 p.m.8 views

CVE-2025-31489

creationtimestamp| type| source ---|---|--- 2025-04-03 20:33:02+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114275934621714005 2025-04-03 20:33:02+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114275934621714005 2025-04-03 21:06:35+00:00| seen|...

8.7CVSS7.2AI score0.02421EPSS
Exploits0References6
NVD
NVD
added 2025/04/03 8:15 p.m.29 views

CVE-2025-31489

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS0.02421EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/03 7:36 p.m.14 views

CVE-2025-31489 MinIO performs incomplete signature validation for unsigned-trailer uploads

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS6.8AI score0.02421EPSS
Exploits0References2
Rows per page
Query Builder