Orca Security researchers disclosed that the AWS and Google Cloud CLIs are exposed to the exact same vulnerability as the Microsoft Azure CLI, which risked exposing credentials in logs. The issue is dubbed LeakyCLI: some commands in AWS CLI and Gcloud CLI can expose sensitive information, in the form of environment variables, which adversaries can collect when it is published by tools such as GitHub Actions. There is no CVE ID assigned to the AWS and Gcloud versions of this vulnerability. 🔗 https://orca.security/resources/blog/leakycli-aws-google-cloud-command-line-tools-can-expose-sensitive-credentials-build-logs/

#vulnerability #AWS #GoogleCloud #LeakyCLI #CVE_2023_36052

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

Azure, AWS, and Gcloud CLI commands may expose sensitive info on GitHub Actions. This vulnerability can expose credentials and have far-reaching consequences.

Orca Security