{"id":13576777,"url":"https://github.com/hashishrajan/cloud-security-vulnerabilities","last_synced_at":"2025-04-05T08:33:15.007Z",
"repository":{"id":40771277,"uuid":"496267458","full_name":"hashishrajan/cloud-security-vulnerabilities","owner":"hashishrajan","description":"List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc","archived":false,"fork":false,"pushed_at":"2023-05-04T22:22:45.000Z","size":72,"stargazers_count":358,"open_issues_count":1,"forks_count":35,"subscribers_count":15,"default_branch":"main","last_synced_at":"2024-08-02T15:31:19.840Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hashishrajan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2022-05-25T14:32:09.000Z","updated_at":"2024-07-30T01:51:20.000Z","dependencies_parsed_at":"2024-01-15T15:46:44.386Z","dependency_job_id":"15db1675-4336-4da0-a2c3-e58b6021ce8e","html_url":"https://github.com/hashishrajan/cloud-security-vulnerabilities","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashishrajan%2Fcloud-security-vulnerabilities","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashishrajan%2Fcloud-security-vulnerabilities/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashishrajan%2Fcloud-security-vulnerabilities/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashishrajan%2Fcloud-security-vulnerabilities/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hashishrajan","download_url":"https://codeload.github.com/hashishrajan/cloud-security-vulnerabilities/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223176719,"owners_count":17100659,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},
"keywords":[],"created_at":"2024-08-01T15:01:13.966Z","updated_at":"2025-04-05T08:33:14.992Z","avatar_url":"https://github.com/hashishrajan.png","language":null,
"readme":"# Goal:\nList of all the publicly disclosed vulnerabilities of public cloud providers like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc.\n\nNOTE: This list will not cover any data breaches caused by misconfiguration.\n\nTable of contents\n=================\n\n\u003c!--ts--\u003e\n\n* [Contribute](#contribute)\n* [Cloud Service Provider Vulnerabilities](#cloud-service-provider-vulnerabilities)\n  * [Amazon Web Services (AWS)](#amazon-web-services-aws)\n  * [Microsoft Azure](#microsoft-azure)\n  * [Google Cloud](#google-cloud)\n  * [Oracle Cloud](#oracle-cloud)\n  * [IBM Cloud](#ibm-cloud)\n  * [Alibaba Cloud](#alibaba-cloud)\n  * [All Cloud](#all-cloud)\n* [Useful Links](#useful-links)\n  * [Security Bulletin](#security-bulletin)\n  * [Vulnerability Disclosure](#vulnerability-disclosure)\n\u003c!--te--\u003e\n\n\n# Contribute\nDo you want to contribute to this list? Feel free to send a PR.\n\n# Cloud Service Provider Vulnerabilities\n\n### Amazon Web Services (AWS)\n- [AWS: Execution in CloudFormation service account](https://onecloudplease.com/blog/security-september-cataclysms-in-the-cloud-formations) - Published: 26 August, 2020 - Status: RESOLVED\n- [AWS IAM Cross Account](https://www.wiz.io/blog/black-hat-2021-aws-cross-account-vulnerabilities-how-isolated-is-your-cloud-environment/) - Published: 4 August, 2021 - Status: RESOLVED\n- [AWS SageMaker Notebook](https://blog.lightspin.io/aws-sagemaker-notebook-takeover-vulnerability) - Published: 7 December, 2021 - Status: RESOLVED\n- [Breaking Formation: AWS CloudFormation](https://orca.security/resources/blog/aws-cloudformation-vulnerability/) - Published: 13 January, 2022 - Status: RESOLVED\n- [SuperGlue: AWS Glue](https://orca.security/resources/blog/aws-glue-vulnerability/) - Published: 13 January, 2022 - Status: RESOLVED\n- [AWS EKS Authentication Vulnerability](https://blog.lightspin.io/exploiting-eks-authentication-vulnerability-in-aws-iam-authenticator) - Published: 11 July, 2022 - Status: RESOLVED (requires User Intervention in certain scenarios to fix)\n- [AWS S3 Replication Service - Only logs first destination bucket](https://www.vectra.ai/blogpost/abusing-the-replicator-silently-exfiltrating-data-with-the-aws-s3-replication-service) - Published: 20 July, 2022 - Status: NO FIX PROVIDED\n- [AWS CodeArtifact - Dependency Confusion](https://zego.engineering/dependency-confusion-in-aws-codeartifact-86b9ff68963d) - Published: 28 July, 2022 - Status: RESOLVED\n- [AWS CloudTrail - iamadmin CloudTrail Bypass](https://securitylabs.datadoghq.com/articles/iamadmin-cloudtrail-bypass/) - Published: 17 January, 2023 - Status: RESOLVED\n- [AWS App Runner Cross Tenant](https://frichetten.com/blog/minor-cross-tenant-vulns-app-runner/) - Published: 3 April, 2023 - Status: RESOLVED\n\n### Microsoft Azure\n- [ChaosDB: Azure Cosmos DB](https://www.wiz.io/blog/how-we-broke-the-cloud-with-two-lines-of-code-the-full-story-of-chaosdb/) - Published: 7 August, 2021 - Status: RESOLVED\n- [Azure: Azurescape](https://unit42.paloaltonetworks.com/azure-container-instances/) - Published: 9 September, 2021 - Status: RESOLVED\n- [OMIGOD: Microsoft Open Management Infrastructure (OMI)](https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution/) - Published: 14 September, 2021 - Status: RESOLVED\n- [NotLegit: Azure App Service](https://www.wiz.io/blog/azure-app-service-source-code-leak/) - Published: 21 December, 2021 - Status: RESOLVED\n- [ExtraReplica: Azure PostgreSQL](https://www.wiz.io/blog/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql/) - Published: 28 April, 2022 - Status: RESOLVED\n- [AutoWarp: Azure Automation](https://orca.security/resources/blog/autowarp-microsoft-azure-automation-service-vulnerability/) - Published: 7 March, 2021 - Status: RESOLVED\n- [Synapse: Azure Synapse Analytics](https://orca.security/resources/blog/azure-synapse-analytics-security-advisory/) - Published: 9 May, 2021 - Status: PARTIAL (requires User Caution)\n- [FabricScape: Microsoft Service Fabric - commonly used with many Azure offerings](https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137/) - Published: 14 June, 2022 - Status: RESOLVED (requires User Intervention in certain scenarios to fix)\n- [Azure WAF - Pattern bypass with OWASP 3.2 managed rule set](https://twitter.com/justm0rph3u5/status/1542943538857799680) - Published: 2 July, 2022 - Status: RESOLVED\n- [Azure Site Recovery service susceptible to DLL Hijacking flaw](https://medium.com/tenable-techblog/microsoft-azure-site-recovery-dll-hijacking-cd8cc34ef80c) - Published: 13 July, 2022 - Status: RESOLVED\n- [Azure Database for PostgreSQL - escape to host](https://www.wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities) - Published: 12 August, 2022 - Status: RESOLVED\n- [Azure Synapse Analytics](https://orca.security/resources/blog/synapse-local-privilege-escalation-vulnerability-spark/) - Published: 1 September, 2022 - Status: RESOLVED\n- [Azure Cloud Shell Command Injection Stealing User’s Access Tokens](https://blog.lightspin.io/azure-cloud-shell-command-injection-stealing-users-access-tokens) - Published: 20 September, 2022 - Status: RESOLVED\n- [Authenticated SSRF Vulnerability on Azure API Management Service](https://orca.security/resources/blog/ssrf-vulnerabilities-azure-api-management/) - Published: 17 January, 2023 - Status: RESOLVED\n- [Authenticated SSRF Vulnerability on Azure Machine Learning Service](https://orca.security/resources/blog/ssrf-vulnerabilities-azure-machine-learning/) - Published: 17 January, 2023 - Status: RESOLVED\n- [Unauthenticated SSRF Vulnerability on Azure Digital Twins Explorer](https://orca.security/resources/blog/ssrf-vulnerabilities-azure-digital-twins/) - Published: 17 January, 2023 - Status: RESOLVED\n- [Unauthenticated SSRF Vulnerability on Azure Functions](https://orca.security/resources/blog/ssrf-vulnerabilities-azure-functions-app/) - Published: 17 January, 2023 - Status: RESOLVED\n- [Azure Active Directory B2C service – Crypto Misuse and Account Compromise](https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise/) - Published: 15 February, 2023 - Status: RESOLVED\n- [Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer](https://orca.security/resources/blog/super-fabrixss-azure-vulnerability/) - Published: 30 March, 2023 - Status: RESOLVED\n\n### Google Cloud\n- [Cloud SQL's PostgreSQL engine - escape to host](https://www.wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities) - Published: 12 August, 2022 - Status: RESOLVED\n- [Asset Key Thief - Google Cloud privilege escalation vulnerability that enabled principals with the \"Cloud Asset Viewer\" role](https://engineering.sada.com/asset-key-thief-disclosure-cfae4f1778b6) - Published: 19 April, 2023 - Status: RESOLVED\n\n\n### Oracle Cloud\n- [AttachMe: critical OCI vulnerability allows unauthorized access to customer cloud storage volumes](https://www.wiz.io/blog/attachme-oracle-cloud-vulnerability-allows-unauthorized-cross-tenant-volume-access) - Published: 21 September, 2022 - Status: RESOLVED\n\n### IBM Cloud\n\n### Alibaba Cloud\n- [BrokenSesame](https://www.wiz.io/blog/brokensesame-accidental-write-permissions-to-private-registry-allowed-potential-r) - Published: 19 April, 2023 - Status: RESOLVED\n\n### All Cloud\n- [sudo vulnerability](https://www.wiz.io/blog/recent-linux-sudo-vulnerability-affects-a-major-percent-of-cloud-workloads/) - Published: 6 August, 2021 - Status: PARTIAL (requires User Caution)\n- [Dynamic DNS](https://www.wiz.io/blog/is-your-organization-leaking-sensitive-dynamic-dns-data-heres-how-to-find-out/) - Published: 6 August, 2021 - Status: PARTIAL (requires User Caution)\n- [Log4Shell](https://snyk.io/blog/log4j-vulnerability-software-supply-chain-security-log4shell/) - Published: 13 December, 2021 - Status: RESOLVED\n- [Spring4Shell](https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKCLOUD-2436645) - Published: 13 March, 2022 - Status: RESOLVED\n\n# Useful Links\n\n## Security Bulletin\n* Amazon Web Services (AWS) - ([link](https://aws.amazon.com/security/security-bulletins/))\n* Microsoft - ([link](https://docs.microsoft.com/en-us/security-updates/))\n* Google Cloud - ([link](https://cloud.google.com/support/bulletins))\n\n## Vulnerability Disclosure\nAll identified vulnerabilities should be disclosed to the vendors/maintainers of affected software or hardware systems directly. All major cloud providers have published disclosure addresses:\n* AWS - ([link](https://aws.amazon.com/security/vulnerability-reporting/))\n* Azure - ([link](https://www.microsoft.com/en-us/msrc/bounty))\n* Google GCP - ([link](https://www.google.com/appserve/security-bugs/m2/new))\n* Oracle OCI - ([link](https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html))\n\n## Other Community Links - you may find helpful for Cloud Security\n* Toni De La Fuente - [My-Arsenal-of-aws-security-tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools)\n* Wiz - [Cloud Vulnerability Database (cloudvulndb)](https://www.cloudvulndb.org/)\n* Orca Security - [Cloud Risk Encyclopedia](https://orca.security/resources/cloud-risk-encyclopedia/)\n* LightSpin - [Attack Path for Domains](https://recon.cloud/)\n* Snyk - [Open Source Vulnerability Database](https://security.snyk.io/)\n* JupiterOne - [Starbase - a Graph-based security analysis](https://github.com/JupiterOne/starbase)\n\nFor more Cloud Security Resources, Training, Interviews and more, check out the Cloud Security Podcast:\n[Website](www.cloudsecuritypodcast.tv) | [YouTube](https://www.youtube.com/c/CloudSecurityPodcast?sub_confirmation=1) | [LinkedIn](https://www.linkedin.com/company/cloud-security-podcast/) | [Apple](https://podcasts.apple.com/us/podcast/cloud-security-podcast/id1489678590) | [Spotify](https://open.spotify.com/show/6LZgeh4GecRYPc0WrwMB4I) | [Twitter](https://twitter.com/CloudSecPod)\n",
"funding_links":[],"categories":["Resources","0x01 资料 :books:"],"sub_categories":["Guides and Tutorials","8 云服务文章"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhashishrajan%2Fcloud-security-vulnerabilities","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhashishrajan%2Fcloud-security-vulnerabilities","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhashishrajan%2Fcloud-security-vulnerabilities/lists"}