Lucene search
K

60 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:35 a.m.9 views

CVE-2024-41178

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store objectstore crate, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity...

7.5CVSS7AI score0.0071EPSS
Exploits0References1
CVE
CVE
added 2025/11/13 7:42 p.m.21 views

CVE-2025-64709

Typebot (open-source chatbot builder) contains an SSRF flaw in the webhook block’s HTTP Request component affecting versions before 3.13.1. The issue lets authenticated users cause server-side HTTP requests, bypass IMDSv2 via custom header injection, and extract temporary AWS IAM credentials for ...

9.9CVSS6.4AI score0.00367EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-53457

Malicious code in bioql PyPI...

9.8CVSS8.6AI score0.00717EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/09/24 7:15 a.m.8 views

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services AWS Instance Metadata Service IMDS. The vulnerability in question is CVE-2025-51591 CVSS score: 6.5,...

7.2CVSS7.1AI score0.90461EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/05/23 1:1 a.m.7 views

CVE-2022-32260

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application creates temporary user credentials for UMC User Management Component users. An attacker could use these temporary credentials for authentication bypass in certain scenarios...

9.8CVSS7.1AI score0.00717EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/04/21 10:51 p.m.32 views

Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS

Prevent token leakage / privilege escalation MinIO Operator STS: A Quick Overview MinIO Operator STS is a native IAM Authentication for Kubernetes. MinIO Operator offers support for Secure Tokens a.k.a. STS which are a form of temporary access credentials for your MinIO Tenant. In essence, this...

6.9CVSS7.8AI score0.00573EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/03/21 5:43 p.m.3 views

GHSA-V63M-X9R9-8GQP AWS CDK CLI prints AWS credentials retrieved by custom credential plugins

Summary The AWS Cloud Development Kit AWS CDK 1 is an open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. The AWS CDK CLI 2 is a command line tool for interacting with CDK applications. Customers can use the CDK CLI ...

5.7CVSS5.8AI score0.00255EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/03/21 5:43 p.m.16 views

AWS CDK CLI prints AWS credentials retrieved by custom credential plugins

Summary The AWS Cloud Development Kit AWS CDK 1 is an open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. The AWS CDK CLI 2 is a command line tool for interacting with CDK applications. Customers can use the CDK CLI ...

5.7CVSS7.1AI score0.00255EPSS
Exploits1References5Affected Software2
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.9 views

PT-2025-8736 · Unknown · Met One 3400+

Name of the Vulnerable Software and Affected Versions: MET ONE 3400+ version 1.0.41 Description: The issue concerns the temporary storage of credentials in plain text within the system under rare conditions. This data is not accessible to unauthenticated users. Recommendations: For version 1.0.41...

5.8CVSS7AI score0.00178EPSS
Exploits0References4
Veracode
Veracode
added 2025/02/03 4:7 a.m.8 views

Credential Caching

snowflakeconnectorpython is vulnerable to Credential Caching. The vulnerability is due to improper handling of temporary credential caching on Linux systems, When caching is enabled, the credentials are stored in a file that is readable by all users, allowing unauthorized access...

5.5CVSS4.5AI score0.00137EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/01/29 9:15 p.m.5 views

PYSEC-2025-28

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/29 8:49 p.m.1 views

Incorrect Default Permissions

Overview snowflake-connector-python is a Snowflake Connector for Python Affected versions of this package are vulnerable to Incorrect Default Permissions when using EXTERNALBROWSER or USERNAMEPASSWORDMFA authentication methods with temporary credential caching enabled, allowing the attacker to...

5.5CVSS6.9AI score0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/29 8:30 p.m.8 views

CVE-2025-24795 The Snowflake Connector for Python uses insecure cache files permissions

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential...

4.4CVSS4.6AI score0.00137EPSS
Exploits0References2
OSV
OSV
added 2025/01/29 6:42 p.m.13 views

GHSA-XFHV-WQJ6-RX99 snowflake-sdk may incorrectly validate temporary credential cache file permissions

Issue Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This vulnerability affects versions 1.12.0 through 2.0.1 on Linux...

4.4CVSS4.7AI score0.00143EPSS
Exploits0References4
OSV
OSV
added 2025/01/29 6:42 p.m.14 views

GHSA-33G6-495W-V8J2 Snowflake JDBC uses insecure temporary credential cache file permissions

Issue Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through...

4.4CVSS4.7AI score0.00188EPSS
Exploits0References4
CVE
CVE
added 2025/01/29 5:49 p.m.299 views

CVE-2025-24790

CVE-2025-24790 affects Snowflake JDBC driver (type 4) used by Java apps. On Linux, when temporary credential caching is enabled, credentials may be cached locally in a world-readable file. Affected versions: 3.6.8 through 3.21.0. The issue has been fixed in version 3.22.0. Remediation: upgrade Sn...

5.5CVSS4.6AI score0.00188EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.5 views

PT-2025-5572 · Snowflake · Snowflake-Connector-Nodejs

Name of the Vulnerable Software and Affected Versions: snowflake-connector-nodejs versions 1.12.0 through 2.0.1 Description: The issue concerns a vulnerability in the Snowflake NodeJS Driver where file permissions checks of the temporary credential cache could be bypassed by an attacker with writ...

5.5CVSS6.7AI score0.00143EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.6 views

Snowflake JDBC 安全漏洞

Snowflake JDBC is an application from Snowflake, Inc. provides a JDBC type 4 driver that supports the core functionality and allows Java programs to connect to Snowflak. A security vulnerability exists in Snowflake JDBC versions prior to 3.22.0 that stems from caching temporary credentials in a...

5.5CVSS7.7AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2024/07/23 6:31 p.m.18 views

GHSA-C2HF-VCMR-QJRF Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store objectstore crate, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity...

4.8CVSS7.6AI score0.0071EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/07/23 4:50 p.m.28 views

CVE-2024-41178 Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store objectstore crate, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity...

6.7AI score0.0071EPSS
Exploits0References2
Rows per page
Query Builder