lakefs-sdk@0.1.0 vulnerabilities

lakeFS API

  • latest version

    1.46.0

  • latest non vulnerable version

  • first published

    1 years ago

  • latest version published

    1 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the lakefs-sdk package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Improper Preservation of Permissions

    lakefs-sdk is a lakeFS API

    Affected versions of this package are vulnerable to Improper Preservation of Permissions via the process of re-creating a user with the same username as a previously deleted one. An attacker can gain access to the system using the credentials of the deleted user.

    How to fix Improper Preservation of Permissions?

    Upgrade lakefs-sdk to version 1.33.0 or higher.

    [,1.33.0)