Security News

Amazon ECR Public Gallery flaw could have wiped or poisoned any image
2022-12-13 14:00

A severe security flaw in the Amazon ECR Public Gallery could have allowed attackers to delete any container image or inject malicious code into the images of other AWS accounts. Amazon ECR Public Gallery is a public repository of container images used for sharing ready-to-use applications and popular Linux distributions, such as Nginx, EKS Distro, Amazon Linux, CloudWatch agent, and Datadog agent.

Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability
2022-12-13 13:58

A critical security flaw has been disclosed in Amazon Elastic Container Registry Public Gallery that could potentially have been exploited to stage a multitude of attacks, according to cloud security firm Lightspin. "By exploiting this vulnerability, a malicious actor could delete all images in the Amazon ECR Public Gallery or update the image contents to inject malicious code," Gafnit Amiga, director of security research at Lightspin, said in a report shared with The Hacker News.