Vulnerability in Mindersec Minder

CVE-2025-65109

Minder is an open source software supply chain security platform. In Minder Helm version 0.20241106.3386+ref.2507dbf and Minder Go versions from 0.0.72 to 0.0.83, Minder users may fetch content in the context of the Minder server, which ma…

EPSS: 0.001 (18.9th percentile) — read the EPSS interpretation.

Affected products

Mindersec Minder — versions Helm = 0.20241106.3386+ref.2507dbf, Go >= 0.0.72, < 0.0.84

Weakness classification (CWE)

CWE-830

References

https://github.com/mindersec/minder/security/advisories/GHSA-6xvf-4vh9-mw47 (x_refsource_CONFIRM)
https://github.com/mindersec/minder/commit/f770400923984649a287d7215410ef108e845af8 (x_refsource_MISC)