CVE-2024-52312 Information

Description

Due to inconsistent authorization permissions data.all may allow an external actor with an authenticated account to perform restricted operations against DataSets and Environments.

Reference

https://aws.amazon.com/security/security-bulletins/AWS-2024-013 https://github.com/data-dot-all/dataall/security/advisories/GHSA-676j-g6g5-chj9