Tag
#vulnerability
newsHIGH 8.4
@hulumi/policies vulnerability allows bypassing policy packs with forged Pulumi-URN logical name
A high-severity vulnerability in @hulumi/policies allows developers to bypass mandatory hardening checks by naming resources with a trusted substring, affecting multiple cloud providers.
newsCRITICAL 9.2
stigmem-node Vulnerability: Auth-Disabled Deployments Expose to Broad Anonymous Access
A vulnerability in stigmem-node allows auth-disabled deployments to grant broad anonymous access outside loopback environments. Operators who disabled authentication while binding the node to a non-loopback URL are impacted.