VDB
GCVE-110-CLOUD-2023-0020
GCVE-110-CLOUD-2023-0020
Advisory Published
Researchers at Omegapoint identified two issues in AWS API Gateway authorizers: 1) A header rewrite feature could be abused to bypass authorization by overwriting headers after the authorizer lambda processed them. 2) Caching of authorization policies could be exploited to reuse cached policies with modified identification sources, bypassing the authorizer.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | Cloud Services | — | — |
| AWS | API Gateway | — | — |
| AWS | Lambda | — | — |
Browse GCVE Records
72,096 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.