5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.6%
github.com/minio/minio/ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the ability to infer the existence of objects on a server by sending anonymous requests with random object names.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/minio/minio | le | RELEASE.2024-05-10T01-41-38Z | |
github.com/minio/minio | le | RELEASE.2024-05-10T01-41-38Z |
developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Modified-Since
developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since
github.com/minio/minio/commit/e0fe7cc391724fc5baa85b45508f425020fe4272
github.com/minio/minio/pull/19810
github.com/minio/minio/security/advisories/GHSA-95fr-cm4m-q5p9
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.6%