Tag

#OIDC

Understanding the @hulumi/policies Vulnerability: Bypassing IAM Role Policy Checks with Multiple OIDC Providers

A vulnerability in @hulumi/policies allows IAM roles with multiple OIDC providers to bypass policy checks, potentially leading to overly permissive access. The issue was fixed in version 1.4.0.

Jun 11, 20261 source