2 matches found
CVE-2025-14503 Overly Permissive Trust Policy in Harmonix on AWS EKS
An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...
Amazon AWS Amplify 安全漏洞
Amazon AWS Amplify is an application from Amazon.com, Inc. for accelerating the development of full-stack Web and mobile applications. A security vulnerability exists in Amazon AWS Amplify versions prior to 12.10.1 that stems from incorrectly configuring a role trust policy associated with a...