Github.Com Minio Console vulnerabilities
2 known vulnerabilities affecting github.com/minio_console.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-33955MEDIUM≥ 0, < 0.28.02023-05-26
CVE-2023-33955 [MEDIUM] CWE-200 Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited
Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited
### Impact
Unicode RIGHT-TO-LEFT OVERRIDE characters can be used to mask the original filename.
### Reported-By
Thanks to the report from Mio Li [[email protected]](mailto:[email protected])
### Patches
```
commit 17e791afb90c9ad27c65f63c6be14f2f6a3a9d60
Author: Daniel Valdivia
Da
ghsaosv
CVE-2021-41266HIGHPoC≥ 0, < 0.12.32021-11-15
CVE-2021-41266 [HIGH] CWE-306 Authentication bypass issue in the Operator Console
Authentication bypass issue in the Operator Console
During an internal security audit, we detected an authentication bypass issue in the Operator Console when an external IDP is enabled. The security issue has been reported internally. We have not observed this exploit in the wild or reported elsewhere in the community at large. All users are advised to upgrade ASAP.
### Impact
All users on release v0.12.2 and b
ghsaosv