CVE-2025-65109

Sažetak

Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions from 0.0.72 to 0.0.83, Minder users may fetch content in the context of the Minder server, which may include URLs which the user would not normally have access to. This issue has been patched in Minder Helm version 0.20250203.3849+ref.fdc94f0 and Minder Go version 0.0.84.

Reference

https://github.com/mindersec/minder/commit/f770400923984649a287d7215410ef108e845af8
https://github.com/mindersec/minder/security/advisories/GHSA-6xvf-4vh9-mw47

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

25-11-2025 - 22:16

Objavljeno

21-11-2025 - 22:16