Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.12 views

CVE-2026-42809

Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...

9.9CVSS5.3AI score0.00355EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:22 p.m.5 views

CVE-2026-42809

Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...

9.9CVSS5.8AI score0.00355EPSS
Exploits0References2
CVE
CVE
added 2026/05/04 4:22 p.m.18 views

CVE-2026-42809

Apache Polaris is affected via the staged-create path where an authenticated, low-privilege user can supply a custom location during stage create and request credential vending. Polaris issues broad temporary (vended) storage credentials tied to that location before normal validation and overlap ...

9.9CVSS5.8AI score0.00355EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/04 4:22 p.m.10 views

EUVD-2026-27033

Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...

9.9CVSS5.8AI score0.00355EPSS
Exploits0References1
Rows per page
Query Builder