Question 1

What is CVE-2023-28432 — MinIO Information Disclosure Vulnerability?

Accepted Answer

MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.

Question 2

What is the authoritative source for CVE-2023-28432?

Accepted Answer

MinIO Information Disclosure Vulnerability (CVE-2023-28432) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2023-28432MinIO Information Disclosure Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6