Test environments for CVE-2023-28432, information disclosure in MinIO clusters.
The directories provide different versions / configurations for a MinIO cluster:
| Directory | Remark |
|---|---|
| leaked-key | Vulnerable instance, using the (deprecated) MINIO_ACCESS_KEY environment variable |
| leaked-password | Vulnerable instance, using the MINIO_ROOT_PASSWORD environment variable. |
| no-password | Vulnerable instance, using the default credentials if no password is set |
| not-vulnerable | Secure instance |
| not-vulnerable-default-pw | Secure instance, using the default credentials, thus vulnerable |