3 matches found
CVE-2026-54288
The CVE-2026-54288 issue affects the Hono Web framework prior to version 4.12.25, where the Body Limit Middleware trusts the request Content-Length header. On AWS Lambda environments (API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge), the body is fully buffered and the adapter builds the requ...
CVE-2019-10777
In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands to the "zipCmd" used within "config.FunctionName"...
@xapp/stentor (>=1.13.9 <=1.15.0) potentially affected by CVE-2019-10777 via aws-lambda (>=1.0.0 <=1.0.4)
aws-lambda NPM version =1.0.0, =1.13.9, =1.15.0 Source cves: CVE-2019-10777 Source advisory: SNYK:JS-AWSLAMBDA-540839...