A flaw in AWS Bedrock's foundation model access control allowed unauthorized subscriptions to certain models, bypassing IAM policies using the aws-marketplace:ProductId condition key. This could le...
Wed, Mar 27th, 2024
A flaw in Amazon Managed Workflows for Apache Airflow (MWAA) could have allowed potential session hijacking and remote code execution. The issue stemmed from a combination of session fixation in th...
Thu, Mar 21st, 2024
Tenable Research discovered a privilege escalation flaw that allows a user to escalate privileges to that of the root user within the context of a Spark VM. This escalation was achieved because of...
Thu, Mar 7th, 2024