CVE-2026-34204 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime() allows any authenticated u…
High CVSS: 7.1

CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime() allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-* headers on a normal PutObject request. This issue has been patched in version RELEASE.2026-03-26T21-24-40Z.
Vendor
-
Product
-
CWE
CWE-287
Yayın Tarihi
2026-03-31 20:16:28
Güncelleme
2026-04-01 14:23:37
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-287 HIGH 2026

Referanslar

https://github.com/minio/minio/security/advisories/GHSA-3rh2-v3gr-35p9