CNNVD-202510-2281 Information
CNNVD ID
CNNVD-202510-2281
Related CVE
- CNNVD Published: 2025-10-16
Description (Chinese)
MinIO是美国MinIO公司的一款开源的对象存储服务器。该产品支持构建用于机器学习、分析和应用程序数据工作负载的基础架构。 MinIO 2025-10-15T17-29-55Z之前版本存在安全漏洞,该漏洞源于IAM策略验证逻辑错误,可能导致权限提升。
Description (English)
MinIO is an open-source object storage server for MinIO in the United States. The product supports the construction of a base structure for machine learning, analysis and application data loads. The previous version of MinIO 2025-10-15T17-29-55Z had a security loophole, which stemmed from a logical error in the IAM strategy and could lead to an increase in privileges.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
MinIO
Published
2025-10-16
Last Modified
2026-02-24
References
https://github.com/minio/minio/commit/c1a49490c78e9c3ebcad86ba0662319138ace190 https://github.com/minio/minio/security/advisories/GHSA-jjjj-jwhf-8rgr https://github.com/minio/minio/pull/21642 https://access.redhat.com/security/cve/cve-2025-62506
Patch
https://github.com/minio/minio/releases
Share on: