Amazon SNS' signature validation in the official SDK relied on a weak regex for default AWS certificate locations,
that would incorrectly match an S3 bucket named `sns`. This bucket happened to be publicly readable and writeable,
allowing an attacker to forge messages to any user of the official SDK SNS validator.
Amazon Simple Notification Service (SNS)
No tracked CVEs