VDB
GCVE-110-CLOUD-2024-0024
GCVE-110-CLOUD-2024-0024
Advisory Published
Researchers discovered critical vulnerabilities in 6 AWS services that could allow attackers to breach accounts through malicious S3 buckets. By claiming predictable bucket names, attackers could inject code, steal data, or gain admin access. AWS has since fixed the issues, but the attack vector may still apply to other services and open source projects.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | S3 | — | — |
| AWS | Cloud Services | — | — |
| AWS | CloudFormation, Glue, EMR, SageMaker, CodeStar, ServiceCatalog | — | — |
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.