EPSS
Percentile
43.2%
github.com/minio/minio is vulnerable to authorization bypass. PostPolicyHandler did not verify user policies and allows an attacker to bypass the readOnly policy by creating a temporary mc share upload URL.
readOnly
mc share upload
github.com/minio/minio/commit/039f59b552319fcc2f83631bb421a7d4b82bc482
github.com/minio/minio/pull/11682
github.com/minio/minio/releases/tag/RELEASE.2021-03-04T00-53-13Z
github.com/minio/minio/security/advisories/GHSA-hq5j-6r98-9m8v