9 matches found
EUVD-2024-36563
Malicious code in bioql PyPI...
EUVD-2023-55659
Malicious code in bioql PyPI...
CVE-2023-51386
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned...
CVE-2023-51386
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned...
Deserialization of untrusted data
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event...
CVE-2023-50928 sandbox-accounts-for-events security misconfiguration leads to budget exceed
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event...
CVE-2023-50928 sandbox-accounts-for-events security misconfiguration leads to budget exceed
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event...
Using Service Control Policies to protect security baselines
Service Control Policies SCPs can be a great way to prevent actions from happening in AWS accounts. In this post, we will illustrate a specific use case of SCPs that protects the security baseline, or landing zone, configuration you’ve created for accounts...
Prowler - Tool for AWS Security Assessment, Auditing And Hardening
Tool based on AWS-CLI commands for AWS account security assessment and hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 Features It covers hardening and security best practices for all AWS regions related to: Identity and Access Management 24 checks Logging...