PT-2026-3139 · Lakefs · Lakefs

Published: 2026-01-15 · Updated: 2026-01-26 · CVE-2025-68671

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: lakeFS versions prior to 1.75.0
Description: lakeFS's S3 gateway does not validate the timestamps carried in authenticated (signed) requests, which allows replay attacks. An attacker who captures a valid signed request can replay it until the signing credentials are rotated, even after the request's intended expiration. The S3 gateway API endpoints are susceptible to this issue; the vulnerable parameters are those used in authenticated requests.
Recommendations: Upgrade to version 1.75.0. Use short-lived credentials and rotate access keys frequently, deactivating old keys. Restrict S3 gateway access to trusted networks/IPs.
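The check that closes this class of replay is a server-side bound on the request's signed timestamp. The following is an added example, not lakeFS's own code: it assumes the AWS SigV4 conventions of an X-Amz-Date header (or query parameter for presigned URLs) and an X-Amz-Expires lifetime, and a 15-minute clock-skew window chosen for the example.

```go
package main

import (
	"errors"
	"net/http"
	"strconv"
	"time"
)

// Widest clock skew the gateway tolerates between client and server;
// 15 minutes is a common SigV4 server-side choice (assumed here).
const maxClockSkew = 15 * time.Minute

var (
	ErrMissingDate = errors.New("missing X-Amz-Date")
	ErrBadDate     = errors.New("malformed X-Amz-Date or X-Amz-Expires")
	ErrStale       = errors.New("timestamp outside allowed skew window")
	ErrExpired     = errors.New("presigned request has expired")
)

// ValidateRequestTime rejects a SigV4-signed request whose X-Amz-Date lies
// outside the skew window around now, and a presigned request whose
// X-Amz-Expires lifetime has elapsed. Signature checking is out of scope.
func ValidateRequestTime(r *http.Request, now time.Time) error {
	raw := r.Header.Get("X-Amz-Date")
	if raw == "" {
		raw = r.URL.Query().Get("X-Amz-Date")
	}
	if raw == "" {
		return ErrMissingDate
	}
	// SigV4 timestamps use ISO 8601 basic format in UTC, e.g. 20260115T120000Z.
	t, err := time.Parse("20060102T150405Z", raw)
	if err != nil {
		return ErrBadDate
	}
	if now.Sub(t) > maxClockSkew || t.Sub(now) > maxClockSkew {
		return ErrStale
	}
	if exp := r.URL.Query().Get("X-Amz-Expires"); exp != "" {
		secs, err := strconv.Atoi(exp)
		if err != nil || secs <= 0 {
			return ErrBadDate
		}
		if now.After(t.Add(time.Duration(secs) * time.Second)) {
			return ErrExpired
		}
	}
	return nil
}
```

A captured request replayed hours later fails the skew check even though its signature is still valid, which is the property the advisory says was missing; rotating keys remains the only remedy for requests replayed inside the window.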

Exploit

Fix

Weakness Enumeration

Related Identifiers

CVE-2025-68671
GHSA-F2PH-GC9M-Q55F
GO-2026-4321
SUSE-SU-2026:0292-1

Affected Products

Lakefs