Known Vulnerabilities for Apache Polaris by Apache Software Foundation
Listed below are 4 of the newest known vulnerabilities associated with "Apache Polaris" by "Apache Software Foundation".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42812 json | In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and w... | Not Provided | 2026-05-04 | 2026-05-04 |
| CVE-2026-42811 json | In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials that only work for one table's files, but a c... | Not Provided | 2026-05-04 | 2026-05-04 |
| CVE-2026-42810 json | Apache Polaris accepts literal `*` characters in namespace and table names. When it later builds temporary S3 access policies... | Not Provided | 2026-05-04 | 2026-05-04 |
| CVE-2026-42809 json | Apache Polaris can issue broad temporary ("vended") storage credentials during staged table creation before the effective tab... | Not Provided | 2026-05-04 | 2026-05-04 |