all InfoSec news
Insecure Deserialization in AWS Lambda | What is the Vulnerability and How to Avoid It? | Contrast Security
Security Boulevard securityboulevard.com
At the beginning of December, many companies worldwide were hit by the newly discovered vulnerability known as Log4Shell. The CVSS classifies this vulnerability as critical, and the impact could be very severe for those who do not fix it. Log4Shell is entered in the category CWE-502 Deserialization of Untrusted Data, a common language issue known as Common Weakness Enumeration (CWE), provided by MITRE. This category of vulnerability is a regular member of the OWASP Top 10 project.
The post …
aws aws lambda cloud security contrast security deserialization insecure lambda security serverless vulnerability