Amazon Web Services has fixed two flaws affecting AWS Glue and AWS CloudFormation.
The bug in AWS Glue could allow an attacker using the service to create resources and access data of other AWS Glue customers, according to Orca Security.
Orca researchers say it was due to an internal misconfiguration within AWS Glue, which AWS today confirmed it has since fixed.
Glue, which launched in 2017, is a managed serverless data integration service for connecting large databases, allowing developers to extract, transform and load (ETL) for machine-learning jobs.
