AWS CodeBuild Vulnerability Allows Build Process Secrets Extraction (Research)

[email protected] (Wiz Threat Research) 2025-07-23T00:00:00+00:00 View Original

Full Report

The vulnerability in AWS CodeBuild arises when a source code repository is configured to trigger builds based on pull requests or other actions from untrusted contributors. In such cases, an attacker can submit a pull request containing arbitrary code, which is then executed i...

Analysis Summary