Pyguerder

**Name of the Vulnerable Software and Affected Versions** MinIO Java SDK versions prior to 8.6.0 **Description** The MinIO Java SDK is a client for performing bucket and object operations with Amazon S3 compatible object storage services. Versions prior to 8.6.0 improperly handle XML tag values containing references to system properties or environment variables, automatically substituting them with their actual values. This can expose sensitive information like credentials, file paths, or system configuration details if the XML content originates from an untrusted source. **Recommendations** Update to MinIO Java SDK version 8.6.0 or later.