Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/04/02 3:40 p.m.9 views

CVE-2025-3048

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS7.3AI score0.0062EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/03/31 10:36 p.m.4 views

better-lambda-deploy (>=0.0.4 <=0.6.9), localambda (=0.0.1) potentially affected by CVE-2025-3048 via aws-sam-cli (>=0.40.0 <=1.12.0)

aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 - localambda =0.0.1 Source cves: CVE-2025-3048 Source advisory: OSV:GHSA-PP64-WJ43-XQCR...

6.9CVSS5.4AI score0.0062EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/03/31 10:36 p.m.13 views

AWS SAM CLI Path Traversal allows file copy to local cache

Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. After completing a build with AWS SAM CLI which include symlinks, the content o...

6.9CVSS6.7AI score0.0062EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/03/31 4:15 p.m.9 views

CVE-2025-3048

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS0.0062EPSS
Exploits0References3
Circl
Circl
added 2025/03/31 3:31 p.m.10 views

CVE-2025-3048

creationtimestamp| type| source ---|---|--- 2025-03-31 15:31:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9675 2025-03-31 16:40:47+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114258034481176074 2025-03-31 16:40:47+00:00| seen|...

6.9CVSS4.8AI score0.0062EPSS
Exploits0References6
CVE
CVE
added 2025/03/31 3:21 p.m.58 views

CVE-2025-3048

CVE-2025-3048 concerns AWS SAM CLI. When building with Docker (--use-container) and symlinks are included, the content of those symlinks can be copied into the SAM CLI cache as regular files/directories, potentially exposing privileged host files to users within the local workspace. This affects ...

6.9CVSS6.7AI score0.0062EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/31 3:21 p.m.8 views

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS6.7AI score0.0062EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 3:21 p.m.30 views

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS0.0062EPSS
Exploits0References3
Rows per page
Query Builder