Lucene search
K

4 matches found

Veracode
Veracode
added 2026/06/12 12:11 p.m.10 views

Security Misconfiguration

@hulumi/baseline is vulnerable to Security Misconfiguration. The vulnerability is due to AccountFoundation reuse paths silently downgrading GuardDuty and Security Hub security settings, which allows an attacker to operate with reduced detection and monitoring capabilities in the affected...

5.2AI score0.00052EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/10 1:38 p.m.6 views

GHSA-CJ8G-PRCM-MFG5 @hulumi/baseline: AccountFoundation reuse paths silently downgrade GuardDuty / Security Hub posture

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-693 Protection Mechanism Failure Summary AccountFoundation can either create AWS detective services GuardDuty for threat detection, Security Hub for compliance dashboards or reuse pre-existing ones via opt-in flags. The...

6.3CVSS5.5AI score0.00052EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 1:38 p.m.8 views

GHSA-2MXR-P26X-MJ73 @hulumi/baseline: AccountFoundation audit-delivery S3 bucket could be silently weakened

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...

7.1CVSS5.5AI score0.00041EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.10 views

PT-2026-48479

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-693 Protection Mechanism Failure Summary AccountFoundation can either create AWS detective services GuardDuty for threat detection, Security Hub for compliance dashboards or reuse pre-existing ones via opt-in flags. The...

6.3CVSS5.5AI score0.00052EPSS
Exploits0References4
Rows per page
Query Builder