Use of the AI services on AWS allows customer data to be moved outside of the regions it is used in and potentially shared with third-parties. Note: This issue is outside the scope of this database...
Thu, Jan 6th, 2022
Dataflow worker nodes ran an unauthenticated Java Management Extensions (JMX) service that under certain circumstances would be exposed to the Internet, thus allowing unauthenticated remote code ex...
Tue, Dec 28th, 2021
AWS added an excessive s3:getObject permission to AWSSupportServiceRolePolicy IAM policy used by AWS Support teams, and removed it a day later.
Wed, Dec 22nd, 2021