COOEY // HUBcompliance · community · intelligence

FAIL › dossier

MinIO vendor

2
failure events
0
zero-days
0
RCEs
2
on KEV
0
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 4 events

DateEventSevFlagsShameSummary
2023-09-19 CVE-2023-28434 high ⌖KEV 50 MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the atta
2023-09-19 CVE-2023-28434 high ⌖KEV 50 MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the atta
2023-04-21 CVE-2023-28432 high ⌖KEV 50 MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.
2023-04-21 CVE-2023-28432 high ⌖KEV 50 MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.