CVEReports
CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

Product

  • Home
  • Sitemap
  • RSS Feed

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



GHSA-MVM6-F9R3-FGFX

GHSA-mvm6-f9r3-fgfx: JSON Policy Injection in AWS SDK for .NET CloudFront Signers

Amit Schendel
Amit Schendel
Senior Security Researcher

Mar 28, 2026·6 min read·40 visits

Executive Summary (TL;DR)

Unescaped quotes and backslashes in AWS SDK for .NET CloudFront utilities allow attackers to inject malicious JSON into custom policies, bypassing intended access controls for private CloudFront content.

The AWS SDK for .NET contains a vulnerability in its CloudFront signing utilities where improper escaping of special characters permits JSON policy injection. Attackers who can control input passed to the signing methods can alter the generated CloudFront custom policy, allowing them to bypass access restrictions and access private resources.

Vulnerability Overview

The AWS SDK for .NET provides utilities to programmatically generate Amazon CloudFront signed URLs and signed cookies. These mechanisms are used to restrict access to private content served through CloudFront, ensuring that only authenticated or authorized clients can retrieve specific resources. The signing process relies on constructing a JSON-formatted Custom Policy document that defines the exact access parameters, such as the allowed resource path, expiration time, and permitted IP ranges.

A vulnerability exists within the AWSSDK.CloudFront and AWSSDK.Extensions.CloudFront.Signers packages where the SDK fails to properly neutralize special characters when constructing these JSON policy documents. Specifically, the SDK does not adequately escape double quotes (") and backslashes (\) present in the input variables before concatenating them into the final JSON string.

This flaw is classified as Improper Encoding or Escaping of Output (CWE-116). By exploiting this vulnerability, an attacker who controls the input parameters can break out of the intended JSON value context. The attacker can then inject arbitrary JSON key-value pairs into the policy document, fundamentally altering the access control rules enforced by CloudFront.

Root Cause Analysis

CloudFront Custom Policies are structured as JSON documents containing a Statement array. Each statement specifies a Resource and various Condition blocks that dictate access rules. When developers use the SDK's signing methods, they provide parameters such as the target URL or client IP addresses. The SDK dynamically constructs the JSON policy using these provided parameters.

Prior to the patched versions, the SDK assembled this JSON document using string formatting or concatenation rather than a safe JSON serialization library, or it failed to apply a proper escaping routine to the input strings. Because double quotes and backslashes were not sanitized, any input containing these characters was inserted verbatim into the JSON structure.

When a developer passes user-controlled data to a vulnerable signing method, the untrusted data is directly embedded into a JSON string value. If the input contains a double quote, the JSON parser reading the generated policy will interpret that quote as the termination of the string literal. Any subsequent characters in the input are then parsed as structural JSON elements rather than data, enabling JSON injection.

Code Analysis

The vulnerability manifests when developers use methods like AmazonCloudFrontUrlSigner.SignUrl. The method accepts parameters like the resource URL and constructs a policy internally if a custom policy is not explicitly provided by the developer.

// Conceptual representation of the vulnerable code pattern
string resourceUrl = userInput;
string policy = @"{""Statement"":[{
    ""Resource"":""" + resourceUrl + @""",
    ""Condition"":{
        ""DateLessThan"":{""AWS:EpochTime"":1672531200}
    }
}]}";

In the vulnerable pattern above, resourceUrl is concatenated directly into the policy string. If userInput contains a double quote, it closes the "Resource" value. The patch addresses this by implementing strict escaping for user-controlled variables before they are incorporated into the JSON document.

// Conceptual representation of the patched code pattern
string escapedResourceUrl = resourceUrl.Replace("\\", "\\\\").Replace("\"", "\\\"");
string policy = @"{""Statement"":[{
    ""Resource"":""" + escapedResourceUrl + @""",
    ""Condition"":{
        ""DateLessThan"":{""AWS:EpochTime"":1672531200}
    }
}]}";

The fix ensures that any backslashes or double quotes within the input are prefixed with an escape character. This forces the downstream JSON parser to treat these characters as literal string content rather than structural delimiters, neutralizing the injection vector.

Exploitation Methodology

Exploitation requires an application that accepts user input and incorporates it into a CloudFront signed URL or cookie without prior validation. The attacker crafts a payload containing a double quote to close the active JSON field, followed by a comma, and then entirely new JSON keys and values.

Consider an application that generates signed URLs for user-specific directories: https://example.com/files/ + userInput. An attacker provides the following string as their input: ", "Condition": {"DateLessThan": {"AWS:EpochTime": 2147483647}} }.

When the SDK processes this input, the resulting JSON policy document will include the injected condition:

{
  "Statement": [{
    "Resource": "https://example.com/files/", 
    "Condition": {"DateLessThan": {"AWS:EpochTime": 2147483647}} },
    "Condition": {"DateLessThan": {"AWS:EpochTime": 1672531200}}
  }]
}

Depending on the JSON parser's behavior regarding duplicate keys, the injected Condition block may override the original restrictions set by the application. This allows the attacker to unilaterally modify the expiration time or remove IP-based restrictions from the generated signature.

Impact Assessment

The primary impact of this vulnerability is a high loss of confidentiality. By successfully injecting custom conditions into the CloudFront policy, an attacker can generate valid cryptographic signatures that grant broader access than the application intended. This allows the attacker to bypass time-based expirations or IP-based geo-restrictions.

Furthermore, if the injected payload alters the Resource field to include wildcards (e.g., https://example.com/*), the attacker could use the resulting signed URL or cookie to access arbitrary private files within the same CloudFront distribution. This effectively defeats the primary access control mechanism for the content delivery network.

> [!NOTE] > The integrity impact is rated as low. While the attacker can modify the logical conditions of the access policy, they cannot alter the actual files stored behind the CloudFront distribution. The vulnerability does not provide write access to the origin servers or Amazon S3 buckets.

Remediation and Mitigation

Organizations utilizing the AWS SDK for .NET to generate CloudFront signed URLs or signed cookies must upgrade their dependencies immediately. The official patches resolve the string escaping flaws within the policy construction logic.

The required minimum versions are AWSSDK.CloudFront version 3.7.510.7 and AWSSDK.Extensions.CloudFront.Signers version 4.0.0.31. Upgrading to these versions or newer ensures that the SDK internally escapes all double quotes and backslashes before integrating parameters into the JSON policy.

As a defense-in-depth measure, development teams should implement strict input validation at the application layer. User-provided data destined for CloudFront signing methods should be sanitized or validated against a strict allowlist. Rejecting inputs containing double quotes or backslashes before they reach the AWS SDK provides an additional layer of security against future injection flaws.

Official Patches

Amazon Web ServicesAWS SDK for .NET Security Advisories

Technical Appendix

CVSS Score
9.3/ 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

Affected Systems

AWS SDK for .NETNuGet Package: AWSSDK.CloudFrontNuGet Package: AWSSDK.Extensions.CloudFront.Signers

Affected Versions Detail

Product
Affected Versions
Fixed Version
AWSSDK.CloudFront
Amazon Web Services
< 3.7.510.73.7.510.7
AWSSDK.Extensions.CloudFront.Signers
Amazon Web Services
< 4.0.0.314.0.0.31
AttributeDetail
CWE IDCWE-116
Attack VectorNetwork
CVSS v3.1 Score9.3 (Critical)
Confidentiality ImpactHigh
Integrity ImpactLow
Exploit StatusNone

MITRE ATT&CK Mapping

T1190Exploit Public-Facing Application
Initial Access
CWE-116
Improper Encoding or Escaping of Output

The software does not properly encode or escape output, which can allow an attacker to alter the structure of the data.

Vulnerability Timeline

Vulnerability patched in AWS SDK for PHP (coordinated fix).
2026-03-03
GHSA-mvm6-f9r3-fgfx published for AWS SDK for .NET.
2026-03-27
Remediation versions released on NuGet.
2026-03-27

References & Sources

  • [1]GitHub Advisory (GHSA-mvm6-f9r3-fgfx)
  • [2]AWS SDK for .NET GitHub Repository
  • [3]AWS SDK for .NET Security Advisories
  • [4]GitLab Advisory Mirror
  • [5]Related PHP Advisory (GHSA-27qh-8cxx-2cr5)
  • [6]Related Java Advisory (GHSA-443W-3RQ3-5M5H)
Related Vulnerabilities
GHSA-27qh-8cxx-2cr5GHSA-443W-3RQ3-5M5H

Attack Flow Diagram

Press enter or space to select a node. You can then use the arrow keys to move the node around. Press delete to remove it and escape to cancel.
Press enter or space to select an edge. You can then press delete to remove it or escape to cancel.

More Reports

•about 2 hours ago•CVE-2026-48788
8.2

CVE-2026-48788: Cross-Site Scripting and Content-Type Spoofing in Remark42 Image Proxy

A critical-severity Cross-Site Scripting (XSS) and Content-Type spoofing vulnerability in Remark42 (versions 1.6.0 through 1.15.0) allows remote attackers to execute arbitrary client-side script code via a crafted image proxy request.

Alon Barad
Alon Barad
3 views•6 min read
•about 5 hours ago•CVE-2026-53462
5.9

CVE-2026-53462: Heap Use-After-Free Vulnerability in ImageMagick Vector Drawing Subsystem

CVE-2026-53462 is a heap Use-After-Free (UAF) vulnerability in ImageMagick's vector drawing subsystem, specifically within the coordinate allocation mechanism in CheckPrimitiveExtent. By parsing a crafted vector image (such as SVG or MVG) with extremely complex primitives, an attacker can trigger a memory reallocation failure. If the application fails to handle this allocation failure cleanly, it leaves a dangling pointer that can subsequently be accessed or freed again, causing memory corruption or an application crash.

Alon Barad
Alon Barad
5 views•7 min read
•about 7 hours ago•CVE-2026-39832
9.1

CVE-2026-39832: Silent Drop of Destination Constraints in golang.org/x/crypto SSH Agent Client

A critical security flaw was identified in the Go package golang.org/x/crypto/ssh/agent. The vulnerability arises during the serialization of key constraints when adding SSH identities to a remote agent or an in-memory keyring. Specifically, custom constraint extensions, such as destination restrictions like restrict-destination-v00@openssh.com, were silently omitted from serialization in client requests. This omission allowed keys to be loaded into the remote agent with zero destination-based restrictions, enabling unauthorized users with access to the agent socket on intermediate hosts to authenticate to any downstream host without policy enforcement. The issue was resolved in version v0.52.0 of the golang.org/x/crypto library.

Amit Schendel
Amit Schendel
7 views•7 min read
•about 8 hours ago•CVE-2026-46597
7.5

CVE-2026-46597: Remote Denial of Service in golang.org/x/crypto/ssh via AES-GCM Padding Integer Overflow

A high-severity Denial of Service (DoS) vulnerability (CVE-2026-46597 / GO-2026-5013) exists in the golang.org/x/crypto/ssh module before version v0.52.0. The flaw stems from an incorrect operator order during a type conversion of the GCM packet padding size, allowing a remote, unauthenticated attacker to trigger an out-of-bounds slice runtime panic and crash the Go process.

Alon Barad
Alon Barad
5 views•7 min read
•about 12 hours ago•CVE-2026-39828
6.3

CVE-2026-39828: Go SSH Server PartialSuccessError Permissions Discard Bypass

A critical security bypass vulnerability was discovered in the Go SSH server implementation within the golang.org/x/crypto/ssh package. When an SSH server authentication callback returned a PartialSuccessError alongside non-nil Permissions, the server silently discarded these permissions before the subsequent authentication step. Consequently, once the user completed the second-factor authentication, the session-level restrictions were dropped, granting the client unauthorized capabilities.

Amit Schendel
Amit Schendel
5 views•7 min read
•about 13 hours ago•CVE-2026-39835
5.3

CVE-2026-39835: Remote Denial of Service via Null Pointer Dereference in Go SSH CertChecker

A Denial of Service (DoS) vulnerability exists in the Go SSH implementation package (golang.org/x/crypto/ssh). The vulnerability is caused by a null pointer dereference (runtime panic) when CertChecker is utilized as a public key callback but its validation fields, IsUserAuthority or IsHostAuthority, are uninitialized.

Amit Schendel
Amit Schendel
10 views•7 min read