Versions in this module
v1
Nov 18, 2024
Nov 5, 2024
Oct 31, 2024
Oct 30, 2024
Oct 22, 2024
Oct 22, 2024
Oct 22, 2024
Oct 22, 2024
Changes in this version
Oct 7, 2024
Oct 1, 2024
Sep 30, 2024
Changes in this version
type PullRequest
type PullRequestData
type UpdatePullRequest
Sep 24, 2024
Changes in this version
type Graveler
type RefManager
Sep 16, 2024
Sep 5, 2024
Aug 27, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 23, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 8, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 7, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 7, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 26, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 16, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 8, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 3, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 26, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 20, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 18, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 18, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Branch
May 30, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type SetOptionsFunc
May 19, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 15, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 9, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
May 6, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 16, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 14, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 10, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 9, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 3, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 24, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 19, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 17, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 12, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Feb 22, 2024 GO-2024-3291
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 20, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 19, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 14, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 5, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Jan 22, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 21, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type RefManager
Jan 15, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
Jan 8, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 4, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type CommitParams
Jan 3, 2024 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Repository
type SetOptions
type SetOptionsFunc
Dec 24, 2023 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Dec 10, 2023 GO-2024-2581 +1 more
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Nov 30, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Nov 13, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Oct 25, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 19, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
v0
Oct 15, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 8, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 8, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Oct 4, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 3, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Oct 1, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type ProtectedBranchesManager
type VersionController
Sep 14, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
Sep 10, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 29, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 24, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 20, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 16, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 15, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 14, 2023 GO-2023-2397 +2 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 8, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Jun 18, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type RefManager
Jun 9, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 4, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 1, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 1, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type RefManager
May 21, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 21, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 10, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 24, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 19, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 5, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type CommittedManager
type Graveler
type KeyValueStore
Mar 29, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 29, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 28, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 28, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 26, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Mar 9, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 9, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 6, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Feb 26, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Feb 23, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Feb 8, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 7, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 2, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 29, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 22, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Jan 17, 2023 GO-2023-2012 +4 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type RefManager
type VersionController
Jan 8, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
Dec 22, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Dec 14, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Dec 13, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Nov 24, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Nov 16, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type GarbageCollectionManager
type GarbageCollectionRunMetadata
type KVGraveler
type KeyValueStore
Nov 8, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 24, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Oct 12, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 4, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 3, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Sep 22, 2022 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
+
Key Key
type KVGraveler
Oct 9, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Sep 5, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Sep 4, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Aug 30, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 23, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 23, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 22, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type DBGraveler
type KVGraveler
Aug 17, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 11, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type StagingManager
Aug 3, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Branch
type BranchData
type Commit
type CommitData
type KVGraveler
type MetaRangeID
type RefManager
type Repository
type RepositoryRecord
type StagingManager
type StagingToken
type TagData
type TagRecord
Jul 14, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type KVGraveler
Jul 11, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Jun 21, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jun 15, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type HooksHandler
type HooksNoOp
May 25, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 17, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Apr 29, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 17, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type CommittedManager
type Graveler
type MetaRangeInfo
Apr 3, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type EventType
type HookRecord
type HooksHandler
type HooksNoOp
Mar 7, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Feb 28, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 27, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 15, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Feb 8, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Jan 26, 2022 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type CommitParams
Dec 26, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Dec 20, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Dec 16, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type DiffSummary
Dec 5, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Nov 17, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Nov 8, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Oct 27, 2021 GO-2022-1019 +4 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 25, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
Oct 10, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 4, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Oct 4, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type VersionController
Sep 14, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Sep 5, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Sep 2, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Sep 2, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Aug 22, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 28, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 19, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 19, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 7, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jul 7, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type RefManager
Jul 1, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type GarbageCollectionManager
Jun 24, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
type VersionController
Jun 8, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 30, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Commit
May 12, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
May 3, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 25, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 20, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Apr 20, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Changes in this version
type Graveler
Mar 17, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Mar 29, 2022 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 25, 2022 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 25, 2022 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Jan 25, 2022 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Dec 26, 2021 GO-2022-0375 +5 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs