90 matches found
CVE-2026-46597 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-vpc-fips, crossplane-provider-aws-cognitoidp-fips, crossplane-provider-aws-ssm, crossplane-provider-azure-signalrservice, crossplane-provider-aws-athena-fips, docker-compose-fips, crossplane-provider-azure-security,...
CVE-2026-39834 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-vpc-fips, crossplane-provider-aws-cognitoidp-fips, crossplane-provider-aws-ssm, crossplane-provider-azure-signalrservice, crossplane-provider-aws-athena-fips, docker-compose-fips, crossplane-provider-azure-security,...
PT-2026-34681
Summary Requesting a static JS/CSS resource from the astro path with an incorrect or malformed if-match header returns a 500 error with a one-year cache lifetime instead of 412 in some cases. As a result, all subsequent requests to that file — regardless of the if-match header — will be served a...
AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
Improper Encoding or Escaping of Output
Overview AWSSDK.CloudFront is an Amazon CloudFront is a content delivery web service. It integrates with other Amazon Web Services products to give developers and businesses an easy way to distribute content to end users with low latency, high data transfer speeds, and no minimum usage commitment...
GHSA-MVM6-F9R3-FGFX AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
Improper Encoding or Escaping of Output
Overview AWSSDK.Extensions.CloudFront.Signers is a package contains extension methods for creating signed URLs for Amazon CloudFront distributions and for creating signed cookies for Amazon CloudFront distributions using canned or custom policies. Affected versions of this package are vulnerable ...
GHSA-443W-3RQ3-5M5H AWS SDK for Java 2.0: Improper Handling of Special Characters in CloudFront Signing Utilities
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for Java v2, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes an...
Improper Encoding or Escaping of Output
Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output through the buildCannedPolicy and buildCustomPolicy functions in the CloudFront signing utilities. An attacker can alter the generated CloudFront policy document and weaken access restrictions by...
AWS SDK for Java 2.0: Improper Handling of Special Characters in CloudFront Signing Utilities
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for Java v2, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes an...
AWS SDK for PHP has CloudFront Policy Document Injection via Special Characters
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for PHP, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
Improper Neutralization
Overview Affected versions of this package are vulnerable to Improper Neutralization via the CloudFront signing utilities when unsanitized input containing special characters is passed to the policy document generation process. An attacker can alter access restrictions by injecting specially...
GHSA-27QH-8CXX-2CR5 AWS SDK for PHP has CloudFront Policy Document Injection via Special Characters
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for PHP, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
EUVD-2020-23900
Malware in sbrugna...
EUVD-2025-30811
Malicious code in bioql PyPI...
CVE-2025-57682
Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...
CVE-2025-57682
Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...
CVE-2025-57682
Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...