Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/04/02 3:42 p.m.7 views

CVE-2025-3047

When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...

6.9CVSS7.3AI score0.00121EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2025/03/31 10:36 p.m.13 views

AWS SAM CLI Path Traversal allows file copy to build container

Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. When running the AWS SAM CLI build process with Docker and symlinks are include...

6.9CVSS6.7AI score0.00121EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2025/03/31 4:15 p.m.6 views

CVE-2025-3048

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS0.00042EPSS
Exploits0References3
NVD
NVDadded 2025/03/31 4:15 p.m.8 views

CVE-2025-3047

When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...

6.9CVSS0.00121EPSS
Exploits0References3
CVE
CVEadded 2025/03/31 3:21 p.m.48 views

CVE-2025-3048

CVE-2025-3048 concerns AWS SAM CLI. When building with Docker (--use-container) and symlinks are included, the content of those symlinks can be copied into the SAM CLI cache as regular files/directories, potentially exposing privileged host files to users within the local workspace. This affects ...

6.9CVSS6.7AI score0.00042EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/03/31 3:21 p.m.7 views

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS6.7AI score0.00042EPSS
Exploits0References3
CVE
CVEadded 2025/03/31 3:21 p.m.58 views

CVE-2025-3047

CVE-2025-3047 affects the AWS SAM CLI when building with Docker in the local workspace. The issue arises from symlinks in build files, enabling a user to access privileged host files through the container’s elevated permissions. Impact is limited to local workspaces using container builds and doe...

6.9CVSS6.6AI score0.00121EPSS
Exploits0References3
Kitploit
Kitploitadded 2020/01/22 11:30 a.m.74 views

AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model

AlertResponder is a serverless framework for automatic response of security alert. Overview AlertResponder receives an alert that is event of interest from security view point and responses the alert automatically. AlertResponder has 3 parts of automatic response. 1. Inspector investigates entiti...

7AI score
Exploits0References3
Rows per page
Query Builder