Vulnerability Report: GO-2025-3594
- CVE-2025-31489, GHSA-wg47-6jq2-q2hh
- Affects: github.com/minio/minio
- Published: Apr 09, 2025
MinIO performs incomplete signature validation for unsigned-trailer uploads in github.com/minio/minio
For detailed information about this vulnerability, visit https://github.com/minio/minio/security/advisories/GHSA-wg47-6jq2-q2hh or https://nvd.nist.gov/vuln/detail/CVE-2025-31489.
Affected Packages
-
PathVersionsSymbols
Aliases
References
- https://github.com/minio/minio/security/advisories/GHSA-wg47-6jq2-q2hh
- https://nvd.nist.gov/vuln/detail/CVE-2025-31489
- https://github.com/minio/minio/commit/8c70975283f9f4ce80f331a25c7475a36279e519
- https://github.com/minio/minio/pull/21103
- https://vuln.go.dev/ID/GO-2025-3594.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.