Medium severity4.3NVD Advisory· Published Nov 9, 2024· Updated Jun 17, 2026
CVE-2024-10953
CVE-2024-10953
Description
An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications that their user is not a member of.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- amazon/data.allv5Range: 1.0.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.