Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Next runWithAmplifyServerContext operation sometimes returns contextSpec for another user if requests are in parallel #13380

Open
3 tasks done
MarekBodingerBA opened this issue May 14, 2024 · 1 comment
Open
3 tasks done

Next runWithAmplifyServerContext operation sometimes returns contextSpec for another user if requests are in parallel #13380

MarekBodingerBA opened this issue May 14, 2024 · 1 comment
Assignees
@HuiSF
Labels
investigating This issue is being investigated SSR Issues related to Server Side Rendering

Comments

@MarekBodingerBA
Copy link

MarekBodingerBA commented May 14, 2024
edited

Before opening, please confirm:

JavaScript Framework

React, Next.js

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

Other

Environment information

Details in the security advisory.

Describe the bug

I've reported a security advisory, as I can see the issues here are being assigned and resolved while the advisory is without a response for 21 hours. The issue seems to be critical and a bug in Amplify library. Please take a look at the advisory.

https://github.com/aws-amplify/amplify-js/security/advisories/GHSA-78h9-vrf3-cxx5

Expected behavior

Details in the security advisory.

Reproduction steps

Details in the security advisory.

Code Snippet

Details in the security advisory.

Log output

// Put your logs below this line

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response
@MarekBodingerBA MarekBodingerBA added the pending-triage Issue is pending triage label May 14, 2024
@HuiSF HuiSF self-assigned this May 14, 2024
@HuiSF HuiSF added investigating This issue is being investigated SSR Issues related to Server Side Rendering labels May 14, 2024
@cwomack cwomack removed the pending-triage Issue is pending triage label May 14, 2024
@haverchuck
Copy link
Contributor

@MarekBodingerBA We are investigating.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@HuiSF HuiSF

Labels
investigating This issue is being investigated SSR Issues related to Server Side Rendering
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@HuiSF @haverchuck @cwomack @MarekBodingerBA