Versions in this module
v0
Mar 1, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 17, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 17, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 10, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 9, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 8, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 26, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 21, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 18, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version
type SharedParams
Jan 11, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version
type LocalDiskParams
Jan 3, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version