Amazon AWS Amplify CLI before 12.10.1 incorrectly configures the role trust policy of IAM roles associated with Amplify projects. When the Authentication component is removed from an Amplify project, ...
Continue Reading
April 16, 2024
Impact I can convince the UI to let me do things with an invalid Application. 1. Admin gives me p, michael, applications, *, demo/*, allow, where demo can just deploy to the demo namespace 2. Admin gi ...
Continue Reading
April 16, 2024
A flaw was found in Argo CD. The API server does not enforce project sourceNamespaces, which can allow an attacker to use the UI to edit resources which should only be mutable via...Read More ...
Continue Reading
April 16, 2024
Bad bots continue to affect consumers and organizations across all sectors. For over eleven years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad bots. We’ ...
Continue Reading
April 16, 2024
A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API...Read More ...
Continue Reading
April 16, 2024
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnera ...
Continue Reading
April 16, 2024
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should o ...
Continue Reading
April 16, 2024
ImageSharp is a 2D graphics API. A heap-use-after-free flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TG ...
Continue Reading
April 16, 2024
Back to Main
