Remediation

28 tickets across in-flight remediation work. SLA tracked per severity.

Backlog

4

JWT signed with weak HS256 secret

AK

Aisha

#7985due Jan 4

Insecure deserialization in message queue consumer

medium fnd_1115

DL

Diego

#780due Jan 12

Open Redis without auth

PP

Priya

#4150due Jan 22

Cross-site Scripting in profile renderer

AK

Aisha

#8279due Jan 2

In progress

14

Container running as root

medium fnd_2115

DL

Diego

#2150due Jan 10

Missing rate limiting on /login

medium fnd_1683

JO

James

due Jan 12

Insecure deserialization in message queue consumer

medium fnd_2245

AK

Aisha

due Jan 5

SSRF in webhook fetcher

PP

Priya

#4542due Jan 3

IAM role with wildcard permissions

MW

Marcus

#7217due Jan 21

Excessive Kubernetes RBAC privileges

PP

Priya

#1719due Jan 16

Race condition in payment idempotency

RK

Robert

#6643due Jan 6

Hardcoded AWS access key in source

MW

Marcus

#3196due Jan 8

Dependency confusion risk on internal package

PP

Priya

due Jan 5

Dependency confusion risk on internal package

medium fnd_1316

MW

Marcus

#3124due Jan 14

Unencrypted RDS snapshot

ER

Elena

#2109due Jan 11

Missing rate limiting on /login

SC

Sarah

#5456due Jan 16

Outdated lodash with prototype pollution

AK

Aisha

#7035due Jan 17

Insecure deserialization in message queue consumer

AK

Aisha

#2483due Jan 22

In review

3

Missing CSP header on auth pages

AK

Aisha

due Jan 15

Open Redis without auth

ER

Elena

#410due Jan 8

Excessive Kubernetes RBAC privileges

RK

Robert

due Jan 19

Done

7

Missing rate limiting on /login

AK

Aisha

due Jan 16

Terraform module pins old AMI with CVEs

RK

Robert

due Jan 17

Unencrypted RDS snapshot

MW

Marcus

#8521due Jan 13

JWT signed with weak HS256 secret

medium fnd_1625

AK

Aisha

#9608due Jan 18

JWT signed with weak HS256 secret

MW

Marcus

#7281due Jan 19

Dependency confusion risk on internal package

ER

Elena

#5201due Jan 12

Unencrypted RDS snapshot

JO

James

due Jan 3