Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/01 6:34 p.m.6 views

CVE-2026-13769

Overly permissive file permissions in AWS CLI before 1.44.78 v1 and 2.34.29 v2 on Unix-like systems where the umask has not been configured to restrict file permissions the default on most systems may allow other local users on the same host to read credentials written by certain CLI subcommands...

6.8CVSS5.8AI score0.00101EPSS
Exploits0References5
Veracode
Veracode
added 2024/09/12 6:17 a.m.6 views

Token Leakage

sagemakertrainin is vulnerable to Token Leakage. The vulnerability is due to the logging of CodeArtifact authorization tokens in log files, which, when pushed to CloudWatch Log streams, It can allow unauthorized access to CodeArtifact resources...

7AI score
Exploits0
OSV
OSV
added 2024/09/11 7:20 p.m.7 views

GHSA-635V-PC42-FR74 AWS SageMaker Training Toolkit logs CodeArtifact Authorization token

Description For SageMaker Training Toolkit1 versions 4.7.4; 4.7.3; 4.7.2; 4.7.1; 4.7.0, the authorization tokens for CodeArtifact temporary token with an expiration of 12 hours were logged in the log files when the CodeArtifact capability was enabled. If customers push these log files to their...

5.6CVSS6.7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/09/11 7:20 p.m.9 views

AWS SageMaker Training Toolkit logs CodeArtifact Authorization token

Description For SageMaker Training Toolkit1 versions 4.7.4; 4.7.3; 4.7.2; 4.7.1; 4.7.0, the authorization tokens for CodeArtifact temporary token with an expiration of 12 hours were logged in the log files when the CodeArtifact capability was enabled. If customers push these log files to their...

6.7AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.9 views

PT-2024-40110 · Amazon · Cloudwatch +2

Name of the Vulnerable Software and Affected Versions: SageMaker Training Toolkit versions 4.7.0 through 4.7.4 Description: The issue concerns the logging of authorization tokens for CodeArtifact in log files when the CodeArtifact capability is enabled. These tokens have an expiration of 12 hours...

5.6CVSS7AI score
Exploits0References4
Rows per page
Query Builder