EPSS
Percentile
72.7%
github.com/minio/minio is vulnerable to path traversal. The vulnerability exists in downloadReleaseURL function in update.go because the admin:ServiceUpdate is not properly handled which allows an attacker to get access to the file system.
downloadReleaseURL
update.go
admin:ServiceUpdate
github.com/minio/minio/commit/bc72e4226e669d98c8e0f3eccc9297be9251c692
github.com/minio/minio/pull/15429
github.com/minio/minio/security/advisories/GHSA-gr9v-6pcm-rqvg