—
GO-2026-5437
MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads in github.com/minio/minio
Details
MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads in github.com/minio/minio
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/minio/minio
Introduced in:
0.0.0-20230506025312-76913a9fd5c6 No fixed version published yet for github.com/minio/minio (go modules). Pin to a known-safe version or switch to an alternative.