minio-fips | Snyk

Direct Vulnerabilities

Known vulnerabilities in the minio-fips package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-hv4r-mvr4-25vw	<0.20260520.234452-r0
H Improper Authentication	<0.20260520.234452-r0
M Allocation of Resources Without Limits or Throttling	<0.20260410.215259-r0
L GHSA-h749-fxx7-pwpg	<0.20260410.215259-r0
C Improper Authentication	<0.20260604.005411-r0
H Improper Authentication	<0.20260604.005411-r0
L GHSA-9c4q-hq6p-c237	<0.20260604.005411-r0
L GHSA-5cx5-wh4m-82fh	<0.20260604.005411-r0
L CVE-2026-39821	<0.20260604.005411-r1
L GHSA-w2q5-6q6x-x959	<0.20260604.005411-r1
L CVE-2026-46595	<0.20260520.234452-r1
L Improper Certificate Validation	<0.20260520.234452-r1
L Improper Certificate Validation	<0.20260520.234452-r1
L Integer Overflow or Wraparound	<0.20260520.234452-r1
L Improper Verification of Cryptographic Signature	<0.20260520.234452-r1
L Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<0.20260520.234452-r1
L Incorrect Type Conversion or Cast	<0.20260520.234452-r1
L Missing Authorization	<0.20260520.234452-r1
L Out-of-Bounds	<0.20260520.234452-r1
L GHSA-wg65-39gg-5wfj	<0.20260520.234452-r0
L Information Exposure	<0.20260520.234452-r0
M Directory Traversal	<0.20260520.234452-r0
L Resource Exhaustion	<0.20260520.234452-r0
L GHSA-xh8f-g2qw-gcm7	<0.20260520.234452-r0
L GHSA-8rm2-7qqf-34qm	<0.20260520.234452-r0
M Cross-site Scripting (XSS)	<0.20260512.133534-r0
L GHSA-fw8g-cg8f-9j28	<0.20260512.133534-r0
L GHSA-wf45-q9ch-q8gh	<0.20260512.133534-r0
L Integer Overflow or Wraparound	<0.20260512.133534-r0
L Cross-site Scripting (XSS)	<0.20260410.215259-r2
L GHSA-p9h5-jm8x-mjm5	<0.20260410.215259-r2
L GHSA-3v2c-x6q9-f697	<0.20260410.215259-r2
L GHSA-qf3q-3h68-mmh2	<0.20260410.215259-r2
M Out-of-bounds Write	<0.20260410.215259-r2
L GHSA-2283-wf8c-rw8r	<0.20260410.215259-r2
H NULL Pointer Dereference	<0.20260410.215259-r2
L CVE-2026-39825	<0.20260410.215259-r2
L GHSA-8g2r-hhvj-mv99	<0.20260410.215259-r2
L Improper Encoding or Escaping of Output	<0.20260410.215259-r2
L GHSA-qc64-m6c2-v4x7	<0.20260410.215259-r2
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0.20260410.215259-r2
H Double Free	<0.20260410.215259-r2
H Allocation of Resources Without Limits or Throttling	<0.20260410.215259-r2
L CVE-2026-42499	<0.20260410.215259-r2
L GHSA-5m4p-2gjx-p2g8	<0.20260410.215259-r2
L CVE-2026-42501	<0.20260410.215259-r2
M Link Following	<0.20260410.215259-r2
L GHSA-xq5j-9r39-c3vf	<0.20260410.215259-r2
L GHSA-h74g-238j-357m	<0.20260410.215259-r2
L GHSA-497x-jcxf-m478	<0.20260410.215259-r2
L GHSA-pjcq-xvwq-hhpj	<0.20260410.215259-r2
H Integer Overflow or Wraparound	<0.20260410.215259-r2
M Cross-site Scripting (XSS)	<0.20260410.215259-r1
L GHSA-vffh-x6r8-xx99	<0.20260410.215259-r1
H Incorrect Authorization	<0.20260520.234452-r1
H Allocation of Resources Without Limits or Throttling	<0.20260520.234452-r1
H Untrusted Search Path	<0.20260520.234452-r1
L GHSA-hfvc-g4fc-pqhx	<0.20260520.234452-r1
M Cross-site Scripting (XSS)	<0.20260520.234452-r1
L GHSA-gjvh-7jh8-7xhm	<0.20260520.234452-r1
L GHSA-5w89-2c2x-6x66	<0.20260520.234452-r1
L GHSA-jrg3-gfjw-hm96	<0.20260520.234452-r1
L CVE-2026-32280	<0.20260520.234452-r1
L GHSA-m4pr-4j3g-9v7v	<0.20260520.234452-r1
H Improper Certificate Validation	<0.20260520.234452-r1
L GHSA-x4jj-h2v8-hqqv	<0.20260520.234452-r1
M Allocation of Resources Without Limits or Throttling	<0.20260520.234452-r1
L GHSA-7mr4-xjxg-34g6	<0.20260520.234452-r1
L GHSA-78h2-9frx-2jm8	<0.20260330.001845-r1
L Uncaught Exception	<0.20260330.001845-r1
L Improper Validation of Array Index	<0.20251015.172955-r11
L Improper Authorization	<0.20251015.172955-r10
L GHSA-6g7g-w4f8-9c9x	<0.20251015.172955-r11
L GHSA-p77j-4mvh-x3m3	<0.20251015.172955-r10
L Cross-site Scripting (XSS)	<0.20251015.172955-r9
L Direct Request ('Forced Browsing')	<0.20251015.172955-r9
L GHSA-j3gx-2473-5fp8	<0.20251015.172955-r9
L GHSA-rv83-g57w-fr8j	<0.20251015.172955-r9
L Directory Traversal	<0.20251015.172955-r9
L GHSA-j4j7-vw47-rhfq	<0.20251015.172955-r9
L Untrusted Search Path	<0.20251015.172955-r7
L GHSA-9h8m-3fm2-qjrq	<0.20251015.172955-r7
C CVE-2025-68121	<0.20251015.172955-r5
L GHSA-h355-32pf-p2xm	<0.20251015.172955-r5
L GHSA-8jvr-vh7g-f8gx	<0.20251015.172955-r5
L CVE-2025-61732	<0.20251015.172955-r5
L GHSA-cm6p-qc7v-m3jw	<0.20251015.172955-r4
L GHSA-gm9r-q53w-2gh4	<0.20251015.172955-r4
L GHSA-xvqr-69v8-f3gv	<0.20251015.172955-r4
L CVE-2025-61731	<0.20251015.172955-r4
L CVE-2025-61730	<0.20251015.172955-r4
L Out-of-bounds Write	<0.20251015.172955-r4
L GHSA-gr56-3gp6-6gmj	<0.20251015.172955-r4
L Allocation of Resources Without Limits or Throttling	<0.20251015.172955-r4
L GHSA-6v2p-p543-phr9	<0.20250228.095516-r1
L GHSA-32fw-gq77-f2f2	<0.20251015.172955-r3
M Numeric Truncation Error	<0.20251015.172955-r3
L GHSA-j5w8-q4qc-rx2x	<0.20251015.172955-r1
L GHSA-f6x5-jh6r-wrfv	<0.20251015.172955-r1
L CVE-2025-58181	<0.20251015.172955-r1
L CVE-2025-47914	<0.20251015.172955-r1
L Race Condition	<0.20250723.155402-r1
L CVE-2025-4673	<0.20250524.170830-r2
L CVE-2025-22874	<0.20250524.170830-r2
L CVE-2025-22872	<0.20250408.154124-r1
L Asymmetric Resource Consumption (Amplification)	<0.20250312.180418-r2
L CVE-2025-22870	<0.20250312.180418-r1
L CVE-2025-22868	<0.20250228.095516-r1
L Allocation of Resources Without Limits or Throttling	<0.20250218.162555-r1
L CVE-2025-22866	<0.20250207.232109-r0
L CVE-2024-45338	<0.20241218.131544-r1
L CVE-2024-45337	<0.20241107.005220-r1
L Improper Handling of Exceptional Conditions	<0.20241029.160148-r1
L CVE-2024-34156	<0.20240909.165928-r0
L CVE-2024-34155	<0.20240909.165928-r0
L CVE-2024-34158	<0.20240909.165928-r0
L CVE-2024-28180	<0.20240606.093642-r0
L CVE-2023-45288	<0.20240406.052602-r0
L CVE-2024-24786	<0.20240131.202033-r2
L CVE-2024-28122	<0.20240131.202033-r2
L CVE-2024-24785	<0.20240131.202033-r1
L CVE-2023-45290	<0.20240131.202033-r1
L CVE-2024-24783	<0.20240131.202033-r1
L CVE-2024-24784	<0.20240131.202033-r1
L CVE-2023-45289	<0.20240131.202033-r1

Vulnerability

Vulnerable Version

GHSA-hv4r-mvr4-25vw

<0.20260520.234452-r0

Improper Authentication

<0.20260520.234452-r0

Allocation of Resources Without Limits or Throttling

<0.20260410.215259-r0

GHSA-h749-fxx7-pwpg

<0.20260410.215259-r0

Improper Authentication

<0.20260604.005411-r0

Improper Authentication

<0.20260604.005411-r0

GHSA-9c4q-hq6p-c237

<0.20260604.005411-r0

GHSA-5cx5-wh4m-82fh

<0.20260604.005411-r0

CVE-2026-39821

<0.20260604.005411-r1

GHSA-w2q5-6q6x-x959

<0.20260604.005411-r1

CVE-2026-46595

<0.20260520.234452-r1

Improper Certificate Validation

<0.20260520.234452-r1

Improper Certificate Validation

<0.20260520.234452-r1

Integer Overflow or Wraparound

<0.20260520.234452-r1

Improper Verification of Cryptographic Signature

<0.20260520.234452-r1

Improper Enforcement of Message Integrity During Transmission in a Communication Channel

<0.20260520.234452-r1

Incorrect Type Conversion or Cast

<0.20260520.234452-r1

Missing Authorization

<0.20260520.234452-r1

Out-of-Bounds

<0.20260520.234452-r1

GHSA-wg65-39gg-5wfj

<0.20260520.234452-r0

Information Exposure

<0.20260520.234452-r0

Directory Traversal

<0.20260520.234452-r0

Resource Exhaustion

<0.20260520.234452-r0

GHSA-xh8f-g2qw-gcm7

<0.20260520.234452-r0

GHSA-8rm2-7qqf-34qm

<0.20260520.234452-r0

Cross-site Scripting (XSS)

<0.20260512.133534-r0

GHSA-fw8g-cg8f-9j28

<0.20260512.133534-r0

GHSA-wf45-q9ch-q8gh

<0.20260512.133534-r0

Integer Overflow or Wraparound

<0.20260512.133534-r0

Cross-site Scripting (XSS)

<0.20260410.215259-r2

GHSA-p9h5-jm8x-mjm5

<0.20260410.215259-r2

GHSA-3v2c-x6q9-f697

<0.20260410.215259-r2

GHSA-qf3q-3h68-mmh2

<0.20260410.215259-r2

Out-of-bounds Write

<0.20260410.215259-r2

GHSA-2283-wf8c-rw8r

<0.20260410.215259-r2

NULL Pointer Dereference

<0.20260410.215259-r2

CVE-2026-39825

<0.20260410.215259-r2

GHSA-8g2r-hhvj-mv99

<0.20260410.215259-r2

Improper Encoding or Escaping of Output

<0.20260410.215259-r2

GHSA-qc64-m6c2-v4x7

<0.20260410.215259-r2

Loop with Unreachable Exit Condition ('Infinite Loop')

<0.20260410.215259-r2

Double Free

<0.20260410.215259-r2

Allocation of Resources Without Limits or Throttling

<0.20260410.215259-r2

CVE-2026-42499

<0.20260410.215259-r2

GHSA-5m4p-2gjx-p2g8

<0.20260410.215259-r2

CVE-2026-42501

<0.20260410.215259-r2

Link Following

<0.20260410.215259-r2

GHSA-xq5j-9r39-c3vf

<0.20260410.215259-r2

GHSA-h74g-238j-357m

<0.20260410.215259-r2

GHSA-497x-jcxf-m478

<0.20260410.215259-r2

GHSA-pjcq-xvwq-hhpj

<0.20260410.215259-r2

Integer Overflow or Wraparound

<0.20260410.215259-r2

Cross-site Scripting (XSS)

<0.20260410.215259-r1

GHSA-vffh-x6r8-xx99

<0.20260410.215259-r1

Incorrect Authorization

<0.20260520.234452-r1

Allocation of Resources Without Limits or Throttling

<0.20260520.234452-r1

Untrusted Search Path

<0.20260520.234452-r1

GHSA-hfvc-g4fc-pqhx

<0.20260520.234452-r1

Cross-site Scripting (XSS)

<0.20260520.234452-r1

GHSA-gjvh-7jh8-7xhm

<0.20260520.234452-r1

GHSA-5w89-2c2x-6x66

<0.20260520.234452-r1

GHSA-jrg3-gfjw-hm96

<0.20260520.234452-r1

CVE-2026-32280

<0.20260520.234452-r1

GHSA-m4pr-4j3g-9v7v

<0.20260520.234452-r1

Improper Certificate Validation

<0.20260520.234452-r1

GHSA-x4jj-h2v8-hqqv

<0.20260520.234452-r1

Allocation of Resources Without Limits or Throttling

<0.20260520.234452-r1

GHSA-7mr4-xjxg-34g6

<0.20260520.234452-r1

GHSA-78h2-9frx-2jm8

<0.20260330.001845-r1

Uncaught Exception

<0.20260330.001845-r1

Improper Validation of Array Index

<0.20251015.172955-r11

Improper Authorization

<0.20251015.172955-r10

GHSA-6g7g-w4f8-9c9x

<0.20251015.172955-r11

GHSA-p77j-4mvh-x3m3

<0.20251015.172955-r10

Cross-site Scripting (XSS)

<0.20251015.172955-r9

Direct Request ('Forced Browsing')

<0.20251015.172955-r9

GHSA-j3gx-2473-5fp8

<0.20251015.172955-r9

GHSA-rv83-g57w-fr8j

<0.20251015.172955-r9

Directory Traversal

<0.20251015.172955-r9

GHSA-j4j7-vw47-rhfq

<0.20251015.172955-r9

Untrusted Search Path

<0.20251015.172955-r7

GHSA-9h8m-3fm2-qjrq

<0.20251015.172955-r7

CVE-2025-68121

<0.20251015.172955-r5

GHSA-h355-32pf-p2xm

<0.20251015.172955-r5

GHSA-8jvr-vh7g-f8gx

<0.20251015.172955-r5

CVE-2025-61732

<0.20251015.172955-r5

GHSA-cm6p-qc7v-m3jw

<0.20251015.172955-r4

GHSA-gm9r-q53w-2gh4

<0.20251015.172955-r4

GHSA-xvqr-69v8-f3gv

<0.20251015.172955-r4

CVE-2025-61731

<0.20251015.172955-r4

CVE-2025-61730

<0.20251015.172955-r4

Out-of-bounds Write

<0.20251015.172955-r4

GHSA-gr56-3gp6-6gmj

<0.20251015.172955-r4

Allocation of Resources Without Limits or Throttling

<0.20251015.172955-r4

GHSA-6v2p-p543-phr9

<0.20250228.095516-r1

GHSA-32fw-gq77-f2f2

<0.20251015.172955-r3

Numeric Truncation Error

<0.20251015.172955-r3

GHSA-j5w8-q4qc-rx2x

<0.20251015.172955-r1

GHSA-f6x5-jh6r-wrfv

<0.20251015.172955-r1

CVE-2025-58181

<0.20251015.172955-r1

CVE-2025-47914

<0.20251015.172955-r1

Race Condition

<0.20250723.155402-r1

CVE-2025-4673

<0.20250524.170830-r2

CVE-2025-22874

<0.20250524.170830-r2

CVE-2025-22872

<0.20250408.154124-r1

Asymmetric Resource Consumption (Amplification)

<0.20250312.180418-r2

CVE-2025-22870

<0.20250312.180418-r1

CVE-2025-22868

<0.20250228.095516-r1

Allocation of Resources Without Limits or Throttling

<0.20250218.162555-r1

CVE-2025-22866

<0.20250207.232109-r0

CVE-2024-45338

<0.20241218.131544-r1

CVE-2024-45337

<0.20241107.005220-r1

Improper Handling of Exceptional Conditions

<0.20241029.160148-r1

CVE-2024-34156

<0.20240909.165928-r0

CVE-2024-34155

<0.20240909.165928-r0

CVE-2024-34158

<0.20240909.165928-r0

CVE-2024-28180

<0.20240606.093642-r0

CVE-2023-45288

<0.20240406.052602-r0

CVE-2024-24786

<0.20240131.202033-r2

CVE-2024-28122

<0.20240131.202033-r2

CVE-2024-24785

<0.20240131.202033-r1

CVE-2023-45290

<0.20240131.202033-r1

CVE-2024-24783

<0.20240131.202033-r1

CVE-2024-24784

<0.20240131.202033-r1

CVE-2023-45289

<0.20240131.202033-r1