3 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to the improper validation of AWS Account ID during authentication. An attacker can gain unauthorized access by authenticating with an IAM role from an untrusted AWS account that shares the same role name as ...
PT-2025-43523
Name of the Vulnerable Software and Affected Versions OpenBao AWS Plugin versions prior to 0.1.1 Description The OpenBao AWS Plugin generates AWS access credentials based on IAM policies. Versions of the plugin prior to 0.1.1 are susceptible to cross-account IAM role Impersonation within the AWS...
CVE-2024-5924
Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit...