-
Notifications
You must be signed in to change notification settings - Fork 6.3k
Security: minio/minio
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Privilege Escalation via Session Policy Bypass in Service Accounts and STSGHSA-jjjj-jwhf-8rgr published
Oct 16, 2025 by harshavardhanaHigh -
incomplete signature validation for unsigned-trailer uploadsGHSA-wg47-6jq2-q2hh published
Apr 3, 2025 by harshavardhanaHigh -
SFTP authentication bypass due to improperly trusted SSH keyGHSA-wc79-7x8x-2p58 published
Feb 28, 2025 by harshavardhanaModerate -
Privilege escalation in IAM import APIGHSA-cwq8-g58r-32hg published
Dec 15, 2024 by harshavardhanaCritical -
Information disclosure in GetObject with If-Modified-Since, If-Unmodified-Since headersGHSA-95fr-cm4m-q5p9 published
May 28, 2024 by minio-trustedModerate -
Implicit allow for Access keys to inherit `admin:UpdateServiceAccount` allows for privilege escalationGHSA-xx8w-mq23-29g4 published
Jan 31, 2024 by harshavardhanaHigh -
Information Disclosure in Cluster DeploymentGHSA-6xvq-wj2x-3h3q published
Mar 21, 2023 by harshavardhanaCritical -
Privilege Escalation on Linux/MacOSGHSA-2pxw-r47w-4p8c published
Mar 21, 2023 by harshavardhanaCritical -
Privilege Escalation on Windows via Path separator manipulationGHSA-w23q-4hw3-2pp6 published
Mar 21, 2023 by harshavardhanaCritical -
Denial of access by an admin privileged user for root credentialGHSA-9wfv-wmf7-6753 published
Mar 13, 2023 by harshavardhanaModerate