Posture
critical: 1
high: 5
medium: 4
low: 9
Ownership
Findings (20)
low | Race condition in payment idempotency | Semgrep | SAST | triaged | 9.6
low | IAM role with wildcard permissions | CodeQL | SAST | open | 7.5
high | SQL Injection in user-input handler | Grype | Container | open | 8.9
low | Unencrypted RDS snapshot | Cloudflare WAF | WAF | triaged | 9.6
info | S3 bucket publicly readable | TruffleHog | Secrets | triaged | 8.9
high | Cross-site Scripting in profile renderer | Checkmarx | SAST | triaged | 6.4
low | Insecure deserialization in message queue consumer | Snyk | SCA | accepted | 8.4
low | Outdated lodash with prototype pollution | OWASP ZAP | DAST | open | 7
medium | Container running as root | tfsec | IaC | open | 6.6
low | Terraform module pins old AMI with CVEs | Gitleaks | Secrets | triaged | 4.2
medium | SSRF in webhook fetcher | tfsec | IaC | open | 4.6
low | Excessive Kubernetes RBAC privileges | Cloudflare WAF | WAF | accepted | 6.2
low | Terraform module pins old AMI with CVEs | OWASP ZAP | DAST | triaged | 8.4
high | Dependency confusion risk on internal package | Grype | Container | accepted | 4.6
high | Hardcoded AWS access key in source | Burp Pro PenTest | PenTest | triaged | 7.3
medium | Insecure deserialization in message queue consumer | OWASP ZAP | DAST | triaged | 4.4
medium | Missing CSP header on auth pages | TruffleHog | Secrets | triaged | 8.2
high | Hardcoded AWS access key in source | Checkov | IaC | open | 8