github.com/minio/minio is vulnerable to authorization bypass. PostPolicyHandler did not verify user policies and allows an attacker to bypass the readOnly
policy by creating a temporary mc share upload
URL.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/minio/minio | le | release-1434511043 |