2 matches found
GHSA-9VC9-4JV3-RF86 @hulumi/policies has a HULUMI-H5 bypass via decoy sibling resources targeting a different bucket
Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-284 Improper Access Control Summary HULUMI-H1 forbids raw aws:s3:Bucket outside of Hulumi's SecureBucket component, with one exemption: a raw bucket that's a child of a SecureBucket is allowed because the component is...
Remote Services Using Post-Quantum Ciphers
This plugin reports network services that offer post-quantum ciphers and enumerates the post-quantum ciphers that they offer. Tenable makes no attempt to determine whether the remote service is actually hardened against a post-quantum attack. TRUSTED...