FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-02 08:34:31 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
144836e3-2358-11ef-996e-40b034455553	minio -- privilege escalation via permissions inheritance Minio security advisory GHSA-xx8w-mq23-29g4 ports: When someone creates an access key, it inherits the permissions of the parent key. Not only for s3:* actions, but also admin:* actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able to simply override their own s3 permissions to something more permissive. Discovery 2024-01-31 Entry 2024-06-05 minio < 2024.01.31.20.20.33 CVE-2024-24747 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24747

VuXML ID

Description

144836e3-2358-11ef-996e-40b034455553

minio -- privilege escalation via permissions inheritance

Minio security advisory GHSA-xx8w-mq23-29g4 ports:

When someone creates an access key, it inherits the permissions of the parent key. Not only for s3:* actions, but also admin:* actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able to simply override their own s3 permissions to something more permissive.

Discovery 2024-01-31
Entry 2024-06-05
minio

< 2024.01.31.20.20.33

CVE-2024-24747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24747