rdblue opened a new issue, #17008:
URL: https://github.com/apache/iceberg/issues/17008

   > This issue was reported to the private Apache Iceberg security mailing 
list. The submitter is being kept anonymous because the report was sent to a 
private list. After review, the issue is not considered a serious vulnerability 
that needs to be kept private, so it is being filed publicly here for tracking 
and resolution.
   >
   > Note: this submission was generated by AI. Please review its claims and 
source references carefully before acting on them.
   
   # Summary
   
   Flink serializes the full catalog property map into table options,
   exposing secrets to users or code paths that can inspect table
   metadata.
   
   # Affected Maven coordinates
   
   * versioned integration artifacts:
   `org.apache.iceberg:iceberg-flink-1.20`,
   `org.apache.iceberg:iceberg-flink-2.0`,
   `org.apache.iceberg:iceberg-flink-2.1`
   
   # Attacker prerequisites
   
   * access to the affected metadata, table-option, or row-return surface
   * a deployment where that surface is visible to callers who are not
   meant to receive the widened data or secret set
   
   # Impact
   
   * Any secret stored in catalog properties can become visible to code
   or users that can inspect table metadata.
   * In practice this can expose REST tokens, JDBC credentials, cloud
   credentials, warehouse endpoints, or other catalog auth material.
   * The issue is worse in shared SQL gateway deployments where metadata
   access is broader than secret access.
   
   # Proof status
   
   Source review only. The issue is visible directly from source.
   
   # Key source references
   
   * org.apache.iceberg.flink.FlinkCatalog
   * org.apache.iceberg.flink.FlinkCreateTableOptions


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to