VDB
GCVE-110-CLOUD-2022-0023
GCVE-110-CLOUD-2022-0023
Advisory Published
AWS CodeArtifact was susceptible to dependency confusion / substitution (i.e, publication of a
malicious package to a public repository with the same name as an organization’s internal package).
AWS fixed this issue by adding package origin controls, allowing users to limit how versions of a
given package can be added to a CodeArtifact repository.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | Cloud Services | — | — |
| AWS | CodeArtifact | — | — |
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.