In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade @hulumi/drift to version 1.3.2 or higher.
@hulumi/drift is a Local-first drift classifier and live posture validator — distinguishes provider-API churn from console break-glass from genuine IaC drift, then renders read-only live posture findings as JSON, Markdown, and SARIF. Verdict logic mirrors HulumiDrift.tla Ha
Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the execute-plan process. An attacker can cause unsafe input to be treated as trusted by supplying externally crafted execute plans without sufficient provenance checks.