5 matches found
CVE-2026-13769
Overly permissive file permissions in AWS CLI before 1.44.78 v1 and 2.34.29 v2 on Unix-like systems where the umask has not been configured to restrict file permissions the default on most systems may allow other local users on the same host to read credentials written by certain CLI subcommands...
Token Leakage
sagemakertrainin is vulnerable to Token Leakage. The vulnerability is due to the logging of CodeArtifact authorization tokens in log files, which, when pushed to CloudWatch Log streams, It can allow unauthorized access to CodeArtifact resources...
GHSA-635V-PC42-FR74 AWS SageMaker Training Toolkit logs CodeArtifact Authorization token
Description For SageMaker Training Toolkit1 versions 4.7.4; 4.7.3; 4.7.2; 4.7.1; 4.7.0, the authorization tokens for CodeArtifact temporary token with an expiration of 12 hours were logged in the log files when the CodeArtifact capability was enabled. If customers push these log files to their...
AWS SageMaker Training Toolkit logs CodeArtifact Authorization token
Description For SageMaker Training Toolkit1 versions 4.7.4; 4.7.3; 4.7.2; 4.7.1; 4.7.0, the authorization tokens for CodeArtifact temporary token with an expiration of 12 hours were logged in the log files when the CodeArtifact capability was enabled. If customers push these log files to their...
PT-2024-40110 · Amazon · Cloudwatch +2
Name of the Vulnerable Software and Affected Versions: SageMaker Training Toolkit versions 4.7.0 through 4.7.4 Description: The issue concerns the logging of authorization tokens for CodeArtifact in log files when the CodeArtifact capability is enabled. These tokens have an expiration of 12 hours...