| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-25812 | Allowed DELETE on resources on object locked buckets under Governance mode in Minio | minio | minio | Medium | 6.5 | 2023-02-21 20:32:35 | Deep Dive |
| CVE-2022-35919 | Authenticated requests for server update admin API allows path traversal in minio | minio | minio | High | 7.4 | 2022-08-01 00:00:00 | Deep Dive |
| CVE-2022-31028 | Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO | minio | minio | High | 7.5 | 2022-06-03 14:40:11 | Deep Dive |
| CVE-2022-24842 | Improper Privilege Management in MinIO | minio | minio | High | 8.8 | 2022-04-12 17:20:18 | Deep Dive |
| CVE-2021-43858 | User privilege escalation in MinIO | minio | minio | High | 8.8 | 2021-12-27 21:20:11 | Deep Dive |
| CVE-2021-41266 | Authentication bypass issue in the Operator Console | minio | console | High | 8.6 | 2021-11-15 20:20:10 | Deep Dive |
| CVE-2021-41137 | Bypassing policy restrictions on regular users | minio | minio | High | 8.8 | 2021-10-13 14:00:13 | Deep Dive |
| CVE-2021-21390 | MITM modification of request bodies in MinIO | minio | minio | Medium | 6.5 | 2021-03-19 16:00:17 | Deep Dive |
| CVE-2021-21362 | Bypassing readOnly policy by creating a temporary 'mc share upload' URL | minio | minio | High | 7.7 | 2021-03-08 18:40:34 | Deep Dive |
| CVE-2021-21287 | Server-Side Request Forgery in MinIO Browser API | minio | minio | High | 7.7 | 2021-02-01 17:15:16 | Deep Dive |
| CVE-2020-11012 | Authentication bypass MinIO Admin API | MinIO | minio | Critical | 9.3 | 2020-04-23 21:55:14 | Deep Dive |
| CVE-2019-10285 | CloudBees Jenkins Minio Storage Plugin 信任管理问题漏洞 | Jenkins project | Jenkins Minio Storage Plugin | 高危 | - | 2019-04-04 15:38:49 | Deep Dive |