Vulnerability Report: GO-2024-3291

Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs

For detailed information about this vulnerability, visit https://github.com/treeverse/lakeFS/security/advisories/GHSA-hh33-46q4-hwm2 or https://nvd.nist.gov/vuln/detail/CVE-2024-43784.

Affected Modules

Aliases

References

Feedback

This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL