6 matches found
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: glab, flux-operator, chainloop-cli, tekton-chains-fips, kubernetes-secret-generator, gitlab-rails-ce-fips, crossplane-provider-azure-network, crossplane-provider-keycloak-fips, rancher-agent, gitea-fips, google-guest-agent, gh, crossplane-provider-aws-sns-fips, nucle...
CVE-2024-37293
The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...
CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation
The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...
CVE-2024-37293
The CVE concerns the AWS Deployment Framework (ADF) bootstrap process. Prior to v4.0.0, the bootstrap CodeBuild role could call sts:AssumeRole without restrictions, enabling escalation to any AWS account in the organization with elevated privileges. Patches are included in aws-deployment-framewor...
CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation
The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...
CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation
The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...