Lucene search
K

5 matches found

Snyk
Snyk
added 2026/06/10 7:23 p.m.4 views

Command Injection

Overview aws-cdk-lib is a Version 2 of the AWS Cloud Development Kit library Affected versions of this package are vulnerable to Command Injection via the NodejsFunction local bundling pipeline, when an attacker controls the value of one or more of the properties externalModules, define, loader,...

7.3CVSS5.9AI score0.00936EPSS
Exploits1References2
NVD
NVD
added 2026/06/10 6:16 p.m.10 views

CVE-2026-11417

OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 2.246.0 on Windows might allow an actor who controls the value of one or more bundling properties externalModules, define, loader, inject, or esbuildArgs to execute arbitrary commands on the host...

7.3CVSS0.00936EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/10 5:39 p.m.31 views

CVE-2026-11417 OS Command Injection in NodejsFunction Bundling in aws-cdk-lib

OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 2.246.0 on Windows might allow an actor who controls the value of one or more bundling properties externalModules, define, loader, inject, or esbuildArgs to execute arbitrary commands on the host...

7.3CVSS0.00936EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.12 views

PT-2026-48489

Name of the Vulnerable Software and Affected Versions aws-cdk-lib versions prior to 2.245.0 aws-cdk-lib versions prior to 2.246.0 Windows Description OS command injection exists in the NodejsFunction local bundling pipeline. An actor who controls the value of one or more bundling...

7.3CVSS6.2AI score0.00936EPSS
Exploits1References11
vulnersOsv
vulnersOsv
added 2025/03/24 3:45 p.m.7 views

@aligent/cdk-esbuild (=2.1.0), @aligent/cdk-graphql-mesh-server (>=2.2.0 <=2.17.0) +262 more potentially affected by unknown CVE via aws-cdk-lib (>=2.0.0-alpha.4 <=2.188.0)

aws-cdk-lib NPM version =2.0.0-alpha.4, =2.2.0, =2.3.7, =2.1.0, =2.1.0, =2.0.0-beta, =5.0.31-acdk-upgrade-2-129.0, =2.16.0-acdk-upgrade-2-129.0, =5.0.31-acdk-upgrade-2-129.0, =3.7.10-acdk-upgrade-2-129.0, =3.1.19-acdk-upgrade-2-129.0, =5.7.5-acdk-upgrade-2-129.0, =3.5.10-acdk-upgrade-2-129.0,...

5.8AI score
Exploits0
Rows per page
Query Builder