You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f. This issue has been addressed in commit f246c9053f9603e610d98439799bdd2a6b293427 which is included in RELEASE.2024-12-13T22-19-12Z. There are no workarounds possible, all users are advised to upgrade immediately.
Advisory CVE-2024-55949 references a vulnerability in the following Go modules:
Description:
MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit
580d9db85e04f1b63cc2909af50f0ed08afa965f
. This issue has been addressed in commitf246c9053f9603e610d98439799bdd2a6b293427
which is included in RELEASE.2024-12-13T22-19-12Z. There are no workarounds possible, all users are advised to upgrade immediately.References:
Cross references:
See doc/quickstart.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: