Versions in this module
v1
Jan 22, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 21, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 15, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 8, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 4, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 3, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Dec 24, 2023 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Dec 10, 2023 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Nov 30, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Nov 13, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 25, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 19, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
v0
Oct 15, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 8, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 8, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 4, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 3, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 1, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Sep 14, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Sep 10, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 29, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 24, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 20, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 16, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 15, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 14, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 8, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 18, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 9, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 4, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 1, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 1, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
May 21, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
May 21, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
May 10, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Apr 24, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Apr 19, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Apr 5, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 29, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 29, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 28, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 28, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 26, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 9, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 9, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 6, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 26, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 23, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Changes in this version
type PluginIdentity
Feb 8, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Changes in this version
Feb 7, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs