Product

@Hulumi/Policies

1 brief RSS

@hulumi/policies: CIS 1.16 Admin Policy Bypass Vulnerability

@hulumi/policies versions before 1.3.2 improperly inspect inline and attached IAM policies, potentially allowing admin-equivalent policy paths to bypass the administrator-policy guardrail, resulting in a CIS 1.16 admin policy bypass.

@hulumi/policies +1 vulnerability iam policy bypass privilege escalation

2r 1t 58m ago