5 matches found
EUVD-2025-9050
Malicious code in bioql PyPI...
EUVD-2025-10958
Malicious code in bioql PyPI...
Incorrect Execution-Assigned Permissions
aws-cdk-lib is vulnerable to Incorrect Execution-Assigned Permissions. The vulnerability is caused by unexpected Aspect execution order, which results from the introduction of a new priority system that overrides hierarchical aspect evaluation, potentially leading to incorrect permissions boundaries being assign...
Overly Permissive Authorization
aws-cdk-lib is vulnerable to Overly Permissive Authorization. The vulnerability is due to the CDK Construct Library automatically generating an overly permissive AWS IAM trust policy, which allows any user with unrestricted sts:AssumeRole permissions to assume the role...
@aligent/cdk-esbuild (=2.1.0), @aligent/cdk-graphql-mesh-server (>=2.2.0 <=2.17.0) +242 more potentially affected by CVE-2025-23206 via aws-cdk-lib (>=2.0.0-alpha.4 <=2.176.0)
aws-cdk-lib NPM version =2.0.0-alpha.4, =2.2.0, =2.3.7, =2.1.0, =2.1.0, =2.0.0-beta, =5.0.31-acdk-upgrade-2-129.0, =2.16.0-acdk-upgrade-2-129.0, =5.0.31-acdk-upgrade-2-129.0, =3.7.10-acdk-upgrade-2-129.0, =3.1.19-acdk-upgrade-2-129.0, =5.7.5-acdk-upgrade-2-129.0, =3.5.10-acdk-upgrade-2-129.0,...