Improper Access Control
github.com/treeverse/lakefs is vulnerable to improper access control. The vulnerability exists because it does not perform sufficient user permission checks on repository actions, allowing an attacker to use the S3 gateway to copy object and read write actions on repository commits...