Treeverse Lakefs

5 CVEs affecting Treeverse Lakefs. Latest disclosed: 2026-02-13. Critical: 0, High: 1.

Top CVEs affecting Treeverse Lakefs
CVESeverityScorePublishedSummary
CVE-2026-26187High8.12026-02-13lakeFS is an open-source tool that transforms object storage into a Git-like repositories. Prior to 1.77.0, the local block adapter (pkg/block/local/adapter.go…
CVE-2025-68671Medium6.52026-01-15lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated re…
CVE-2025-27100Medium6.52025-02-21lakeFS is an open-source tool that transforms your object storage into a Git-like repository. In affected versions an authenticated user can crash lakeFS by ex…
CVE-2024-43784Medium5.72024-11-26lakeFS is an open-source tool that transforms object storage into a Git-like repository. Existing lakeFS users who have issued credentials to users who have be…
CVE-2025-64179Medium5.32025-11-06lakeFS is an open-source tool that transforms object storage into a Git-like repositories. In versions 1.69.0 and below, missing authentication in the /api/v1/…