CVE-2024-55949: MinIO vulnerable to privilege escalation in IAM import API
(updated )
Privilege escalation in IAM import API, all users are impacted since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f
References
- github.com/advisories/GHSA-cwq8-g58r-32hg
- github.com/minio/minio
- github.com/minio/minio/commit/580d9db85e04f1b63cc2909af50f0ed08afa965f
- github.com/minio/minio/commit/f246c9053f9603e610d98439799bdd2a6b293427
- github.com/minio/minio/pull/20756
- github.com/minio/minio/security/advisories/GHSA-cwq8-g58r-32hg
- nvd.nist.gov/vuln/detail/CVE-2024-55949
Code Behaviors & Features
Detect and mitigate CVE-2024-55949 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →