Versions in this module
v1
Oct 30, 2024
Oct 22, 2024
Oct 22, 2024
Oct 22, 2024
Oct 22, 2024
Oct 7, 2024
Oct 1, 2024
Sep 30, 2024
Sep 24, 2024
Sep 16, 2024
Sep 5, 2024
Aug 27, 2024
Aug 23, 2024
Aug 8, 2024
Aug 7, 2024
Aug 7, 2024
Jul 26, 2024
Jul 16, 2024
Jul 8, 2024
Jul 3, 2024
Jun 26, 2024
Jun 20, 2024
Jun 18, 2024
Jun 18, 2024
May 30, 2024
May 19, 2024
May 15, 2024
May 9, 2024
May 6, 2024
Apr 16, 2024
Apr 14, 2024
Apr 10, 2024
Apr 9, 2024
Apr 3, 2024
Mar 24, 2024
Mar 19, 2024
Mar 17, 2024
Mar 12, 2024
Feb 22, 2024
Feb 20, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 19, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 14, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 5, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 22, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 21, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 15, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 8, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 4, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 3, 2024 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Dec 24, 2023 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Dec 10, 2023 GO-2024-2581
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Nov 30, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Nov 13, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 25, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 19, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
v0
Oct 15, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 8, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 8, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 4, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 3, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Oct 1, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Sep 14, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Sep 10, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 29, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 24, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 20, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 16, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 15, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Aug 14, 2023 GO-2023-2397 +1 more
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Changes in this version
type EntriesIterator
Aug 8, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 18, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 9, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 4, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 1, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jun 1, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
May 21, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
May 21, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
May 10, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Apr 24, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Apr 19, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Apr 5, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 29, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 29, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 28, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 28, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 26, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 9, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 9, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Mar 6, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 26, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 23, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Changes in this version
Feb 8, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 7, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Feb 2, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 29, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 22, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 17, 2023 GO-2023-2012 +3 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-2581: User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository in github.com/treeverse/lakefs
Jan 8, 2023 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 22, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 14, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Dec 13, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 24, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 16, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Nov 8, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 24, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 12, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 4, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 3, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 22, 2022 GO-2023-2012 +2 more
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Oct 9, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 5, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Sep 4, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 30, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 23, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 23, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 22, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 17, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version
Aug 11, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Aug 3, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jul 14, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jul 11, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Jun 21, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version
type Store
Jun 15, 2022 GO-2022-1019 +3 more
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
Changes in this version