21Şub
CVE-2025-27100 | treeverse lakeFS up to 1.49.x Environment Variable LAKEFS_BLOCKSTORE_S3_DISABLE_PRE_SIGNED_MULTIPART resource consumption (GHSA-j7jw-28jm-whr6)
A vulnerability was found in treeverse lakeFS up to 1.49.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Environment Variable Handler. The manipulation of the argument LAKEFS_BLOCKSTORE_S3_DISABLE_PRE_SIGNED_MULTIPART leads to resource consumption. This vulnerability is handled as CVE-2025-27100. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.