Vulnerabilidades en minio
31 resultadosCVE-2023-28432HIGHMinio Information Disclosure in Cluster DeploymentEPSS 84.0%KEVCVE-2022-35919HIGHAuthenticated requests for server update admin API allows path traversal in minioEPSS 52.3%CVE-2021-41266HIGHAuthentication bypass issue in the Operator ConsoleEPSS 51.4%CVE-2021-43858HIGHUser privilege escalation in MinIOEPSS 35.5%CVE-2024-24747HIGHMinIO unsafe default: Access keys inherit `admin` of root user, allowing privilege escalationEPSS 34.1%CVE-2021-21287HIGHServer-Side Request Forgery in MinIO Browser APIEPSS 24.8%CVE-2026-42600MEDIUMMinIO: Path Traversal via msgpack Body in `ReadMultiple` Storage-REST EndpointEPSS 8.5%CVE-2023-28434HIGHMinIO is vulnerable to privilege escalation on Linux/MacOSEPSS 6.7%KEVCVE-2022-31028HIGHPossible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIOEPSS 2.8%CVE-2025-31489HIGHMinIO performs incomplete signature validation for unsigned-trailer uploadsEPSS 2.2%CVE-2020-11012CRITICALAuthentication bypass MinIO Admin APIEPSS 2.1%CVE-2022-24842HIGHImproper Privilege Management in MinIOEPSS 2.0%CVE-2021-21362HIGHBypassing readOnly policy by creating a temporary 'mc share upload' URLEPSS 1.3%CVE-2021-41137HIGHBypassing policy restrictions on regular usersEPSS 1.2%CVE-2023-28433HIGHMinio Privilege Escalation on Windows via Path separator manipulationEPSS 1.0%CVE-2023-25812MEDIUMAllowed DELETE on resources on object locked buckets under Governance mode in MinioEPSS 1.0%CVE-2023-27589MEDIUMMinio vulnerable to denial of access by an admin privileged user for root credentialEPSS 0.9%CVE-2021-21390MEDIUMMITM modification of request bodies in MinIOEPSS 0.9%CVE-2024-55949CRITICALPrivilege escalation in IAM import API in MinIOEPSS 0.7%CVE-2023-33955MEDIUMMinio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploitedEPSS 0.6%