7 matches found
SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2026:2643-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2643-1 advisory. This update for aws-iam-authenticator fixes the following issues - CVE-2022-1996: CORS bypass bsc1200528. - CVE-2022-2385:...
SUSE-SU-2026:2643-1 Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues - CVE-2022-1996: CORS bypass bsc1200528. - CVE-2022-2385: aws-iam-authenticator AccessKeyID validation bypass bsc1201395. - CVE-2024-39689: remove root certificates from GLOBALTRUST from the root store. - CVE-2025-47910: net/http:...
SUSE: Security Advisory (SUSE-SU-2022:2583-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for aws-iam-authenticator (SUSE-SU-2022:2583-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2022:2583-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2583-1 advisory. - A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and...
CVE-2022-2385
aws-iam-authenticator (sigs.k8s.io/aws-iam-authenticator) contains CVE-2022-2385, where an allow-listed IAM identity may modify their username and escalate privileges. Technical details in connected docs indicate the issue relates to an AccessKeyID validation bypass in versions prior to v0.5.9. A...
CVE-2022-2385 AccessKeyID validation bypass
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...