Assets

search-api-lambda-57

lambda · AWS · eu-central-1 · qa

Internet-exposed

Posture

critical
1
high
3
medium
8
low
5

Ownership

Applicationsearch-api
TeamIdentity
OwnerMarcus Wei
LanguageRuby
Criticality
tier-2

Findings (18)

medium
JWT signed with weak HS256 secret
TruffleHogSecrets
open
4.5
medium
Race condition in payment idempotency
DependabotSCA
triaged
5.4
high
Cross-site Scripting in profile renderer
Scout SuiteCSPM
accepted
7.4
critical
Terraform module pins old AMI with CVEs
CheckmarxSAST
accepted
9.3
medium
Insecure deserialization in message queue consumer
Cloudflare WAFWAF
open
7
low
Cross-site Scripting in profile renderer
Burp Pro PenTestPenTest
triaged
5.5
low
JWT signed with weak HS256 secret
TrivyContainer
triaged
9.4
medium
Terraform module pins old AMI with CVEs
Scout SuiteCSPM
open
9.1
medium
Insecure deserialization in message queue consumer
Scout SuiteCSPM
open
4.3
medium
S3 bucket publicly readable
OWASP ZAPDAST
triaged
7.1
medium
SQL Injection in user-input handler
tfsecIaC
open
7
high
Excessive Kubernetes RBAC privileges
SonarQubeSAST
false positive
7
high
Excessive Kubernetes RBAC privileges
GitleaksSecrets
triaged
7.8