59 matches found
Apache Polaris has an Improper Input Validation Issue
Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...
CVE-2026-42809
Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...
CVE-2026-42810
Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...
EUVD-2026-27035
Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...
CVE-2026-42809
Apache Polaris is affected via the staged-create path where an authenticated, low-privilege user can supply a custom location during stage create and request credential vending. Polaris issues broad temporary (vended) storage credentials tied to that location before normal validation and overlap ...
EUVD-2026-27033
Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...
CVE-2026-42812
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
EUVD-2026-27039
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
CVE-2026-42812 Apache Polaris: No protection on `write.metadata.path`
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
CVE-2026-42812 Apache Polaris: No protection on `write.metadata.path`
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
Apache Polaris 输入验证错误漏洞
Apache Polaris is a data management and query service component of the Apache Foundation. Apache Polaris has a vulnerability related to input validation. This vulnerability arises from the lack of verification or proper retention of valid table locations during the creation of phase tables,...
Apache Polaris 输入验证错误漏洞
Apache Polaris is a data management and query service component of the Apache Foundation. Version 1.4.0 of Apache Polaris contains a vulnerability related to input validation. This vulnerability arises from the acceptance of literal asterisk characters in namespace and table names without proper...
CVE-2026-33419
MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS Security Token Service AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: 1 distinguishable error responses that enable...
CVE-2026-33419
MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS Security Token Service AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: 1 distinguishable error responses that enable...
CVE-2026-33419 MinIO: LDAP login brute-force via user enumeration and missing rate limit
MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS Security Token Service AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: 1 distinguishable error responses that enable...
Brute Force
Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Brute Force via the AssumeRoleWithLDAPIdentity endpoint, which exposes distinguishable error messages and lacks rate limiting. An attacke...
Brute Force
Overview Affected versions of this package are vulnerable to Brute Force via the AssumeRoleWithLDAPIdentity endpoint, which exposes distinguishable error messages and lacks rate limiting. An attacker can enumerate valid LDAP usernames and perform unlimited password guessing to obtain temporary...
MinIO LDAP login brute-force via user enumeration and missing rate limit
Impact What kind of vulnerability is it? Who is impacted? MinIO AIStor's STS Security Token Service AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: 1 distinguishable error responses that enable username enumeration, and 2 absence ...
PT-2026-26758
Name of the Vulnerable Software and Affected Versions MinIO versions prior to RELEASE.2026-03-17T21-25-16Z Description The MinIO AIStor Security Token Service STS AssumeRoleWithLDAPIdentity endpoint is susceptible to LDAP credential brute-forcing. This is due to a combination of distinguishable...
CVE-2024-41178
Exposure of temporary credentials in logs in Apache Arrow Rust Object Store objectstore crate, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity...