HIGH8.1CVE-2026-26187lakeFS vulnerable to path traversal in local block adapter allow cross-namespace and sibling directory access in github.com/treeverse/lakefs from 0, < 1.77.0
HIGH8.1CVE-2026-26187lakeFS vulnerable to path traversal in local block adapter allow cross-namespace and sibling directory access in github.com/treeverse/lakefs from 0, < 1.77.0
MEDIUM6.5CVE-2025-68671lakeFS is Missing Timestamp Validation in S3 Gateway Authentication in github.com/treeverse/lakefs from 0, < 1.75.0
MEDIUM6.5lakeFS is Missing Timestamp Validation in S3 Gateway Authentication in github.com/treeverse/lakefs
from 0, < 1.75.0
MEDIUM6.5lakeFS allows an authenticated user to cause a crash by exhausting server memory in github.com/treeverse/lakefs
from 0, < 1.50.0
MEDIUM6.5lakeFS allows an authenticated user to cause a crash by exhausting server memory in github.com/treeverse/lakefs
from 0, < 1.50.0
MEDIUM5.7Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
from 0, < 1.33.0
MEDIUM5.7Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
from 0, < 1.33.0
MEDIUM5.3lakeFS affected by unauthenticated access to API usage metrics in github.com/treeverse/lakefs
from 0, < 1.71.0
MEDIUM5.3lakeFS affected by unauthenticated access to API usage metrics in github.com/treeverse/lakefs
from 0, < 1.71.0