2 matches found
BIT-MINIO-2024-55949 Privilege escalation in IAM import API in MinIO
MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f. This issue has been addressed in commit...
ROS-20230317-03
A vulnerability in the Minio object store is related to improper enforcement of the bypass prohibition policy, with the removing a version identifier with the special header "X-Amz-Bypass-Governance-Retention: true". Exploitation of the vulnerability could allow an attacker acting remotely to gai...