VYPR

Maven package

org.apache.polaris/polaris-runtime-service

pkg:maven/org.apache.polaris/polaris-runtime-service

Vulnerabilities (2)

  • CVE-2026-42812CriMay 4, 2026
    affected < 1.4.1fixed 1.4.1

    In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. `write.metadata.path` is an optional table property that tells Polaris where to write those metadata files. For a table alr

  • CVE-2026-42809CriMay 4, 2026
    affected < 1.4.1fixed 1.4.1

    Apache Polaris can issue broad temporary ("vended") storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but th