12 matches found
CVE-2026-22611
AWS SDK for .NET works with Amazon Web Services to help build scalable solutions with Amazon S3, Amazon DynamoDB, Amazon Glacier, and more. From versions 4.0.0 to before 4.0.3.3, Customer applications could be configured to improperly route AWS API calls to non-existent or non-AWS hosts. This...
CVE-2026-22611 AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value
AWS SDK for .NET works with Amazon Web Services to help build scalable solutions with Amazon S3, Amazon DynamoDB, Amazon Glacier, and more. From versions 4.0.0 to before 4.0.3.3, Customer applications could be configured to improperly route AWS API calls to non-existent or non-AWS hosts. This...
CVE-2026-22611 AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value
AWS SDK for .NET works with Amazon Web Services to help build scalable solutions with Amazon S3, Amazon DynamoDB, Amazon Glacier, and more. From versions 4.0.0 to before 4.0.3.3, Customer applications could be configured to improperly route AWS API calls to non-existent or non-AWS hosts. This...
PT-2026-2231
Name of the Vulnerable Software and Affected Versions AWS SDK for .NET versions 4.0.0 through 4.0.3.2 Description The AWS SDK for .NET, used with Amazon Web Services for building scalable solutions, is affected by an issue where applications could be configured to improperly route AWS API calls t...
Improper Validation of Syntactic Correctness of Input
Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the region input field. An attacker can cause AWS API calls to be routed to unintended or non-existent hosts by supplying an invalid value. Remediation Upgrade AWSSDK.Core to...
AWS SDK for .NET V4 adopted defense in depth enhancement for region parameter value
Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...
GHSA-PC9J-5V36-2MWW AWS SDK for Swift adopted defense in depth enhancement for region parameter value
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement h...
Improper Validation of Syntactic Correctness of Input
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the region input field. An attacker can cause AWS API calls to be routed to unintended or non-existent hosts by supplying an invalid...
GHSA-J965-2QGJ-VJMQ JavaScript SDK v2 users should add validation to the region parameter value in or migrate to v3
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. Per the AWS shared responsibilit...
JavaScript SDK v2 users should add validation to the region parameter value in or migrate to v3
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. Per the AWS shared responsibilit...
PT-2026-3409
CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement h...
PT-2023-10195 · Unknown · Jeff-Kelley Opensim-Utils
Name of the Vulnerable Software and Affected Versions: jeff-kelley opensim-utils affected versions not specified Description: A critical issue has been found in jeff-kelley opensim-utils, affecting the DatabaseForRegion function of the file regionscrits.php. The manipulation of the region argumen...