Bounties
Partners
Community
Info
aws / aws-cli
Project repository
Universal Command Line Interface for Amazon Web Services
Submit a report
FIRST INTERACTION
WITHIN
41 DAYS
REVIEW
WITHIN
52 DAYS
FIX
WITHIN
N/A DAYS
Symbolic Command Table Injection via Plugin/Alias Rerouting in CLIDriver.main()
Jul 29th 2025
darkeeeandme
•
not applicable
Symbolic Parameter Injection via Unchecked CLI Unpacking in add_to_params()
Jul 29th 2025
darkeeeandme
•
not applicable
Arbitrary Code Execution via Unvalidated Plugin Path Injection in load_plugins()
Jul 29th 2025
darkeeeandme
•
not applicable
Unvalidated Parameter File Expansion via get_paramfile() Enables File Poisoning
Jul 29th 2025
darkeeeandme
•
not applicable
A hidden backdoor on aws-cli
Apr 15th 2025
groovybugify
•
not applicable
Use of weak MD5 hash
Oct 4th 2024
giantathos
•
informative
None
Improper Neutralization of Special Elements used in an OS Command
Jan 31st 2024
hob1t
•
self closed
Insecure Handling of Credentials in Function Call Parameters
Dec 15th 2023
sachin141
•
not applicable
CRITICAL
$1200
HIGH
$600
MEDIUM
$100
LOW
$15