4 matches found
CVE-2026-9133
Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme arn:aws-debug:file accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the...
GHSA-69X3-G4R3-P962 Blocklist Bypass possible via ECDSA Signature Malleability
Impact When using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of the certificate with a different fingerprint. In order for this to affect a...
Inspecting TLS Web Traffic - Part 3
In the second part of this blog, I covered how HTTPS web content inspection is provided in Akamai's Enterprise Threat Protector ETP service using ETP proxy. In this final blog post I want to provide information about how Akamai generates, distributes and controls access to private keys including...
Best security practices for Trusted TLS Intermediary
According to Google over 75% of public websites are accessed over encrypted connections using HTTPS, with the use of HTTP diminishing. As expected, the bad actors are following the crowds, and using HTTPS to hide their activities. So how can security solutions such as ETP Threat Protector detect...