17 matches found
EUVD-2024-45843
Malicious code in bioql PyPI...
CVE-2024-52314
A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log scanning for particular operations that interact with customer producer teams data...
CVE-2024-52314
A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log scanning for particular operations that interact with customer producer teams data...
data.all 安全漏洞
data.all is an open source development framework from data-dot-all open source. A security vulnerability exists in data.all that stems from the fact that a member of the data.all management team with access to an AWS account owned by a customer deploying data.all may be able to extract user data...
MAL-2024-9546 Malicious code in client-cloudwatch-logs (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in client-cloudwatch-logs (npm)
--- -= Per source details. Do not edit below this line.=-...
PT-2024-40110 · Amazon · Cloudwatch +2
Name of the Vulnerable Software and Affected Versions: SageMaker Training Toolkit versions 4.7.0 through 4.7.4 Description: The issue concerns the logging of authorization tokens for CodeArtifact in log files when the CodeArtifact capability is enabled. These tokens have an expiration of 12 hours...
Malicious code in fluent_plugin-cloudwatch-logs-foxtrot9 (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6902 Malicious code in fluent_plugin-cloudwatch-logs-foxtrot9 (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in fluent_plugin-cloudwatch-logs (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials in plain text
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file jenkins.plugins.awslogspublisher.AWSLogsConfig.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...
GHSA-M34R-F7H6-C3J2 Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials in plain text
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file jenkins.plugins.awslogspublisher.AWSLogsConfig.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...
Design/Logic Flaw
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003062
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
PT-2019-11352 · Jenkins · Jenkins Aws Cloudwatch Logs Publisher Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins AWS CloudWatch Logs Publisher Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller...
Zeus - AWS EC2 / S3 Auditing & Hardening Tool
Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access Management Avoid the use of the "roo...
AWS Auditing & Hardening Tool: Zeus
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...