Versions in this module
v0
Dec 22, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 14, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 13, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 24, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 16, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 8, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 24, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 12, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 4, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 3, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 22, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 9, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 5, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 4, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 30, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 23, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 23, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 22, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 17, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 11, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 3, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jul 14, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jul 11, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jun 21, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jun 15, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
May 25, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
May 17, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Apr 29, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Apr 17, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Apr 3, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Mar 7, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 28, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 27, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 15, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Feb 8, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 26, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 26, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 20, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 16, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 5, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 17, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 8, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 27, 2021 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 25, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 10, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 4, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 4, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 14, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 5, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 2, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 2, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 22, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jul 28, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version
Mar 29, 2022 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 25, 2022 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 25, 2022 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jan 25, 2022 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 26, 2021 GO-2022-0375 +4 more
GO-2022-0375: Improper Access Control in github.com/treeverse/lakefs
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs