Lucene search
K

6 matches found

OSV
OSV
added 2026/06/15 8:47 p.m.6 views

GHSA-999R-QQ7V-R334 aws-cdk-lib: OS Command Injection in NodejsFunction Bundling

Summary AWS CDK aws-cdk-lib is an open-source framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 2.246.0 on Windows might allow a threat actor who...

7.3CVSS6.3AI score0.00936EPSS
Exploits1References7
EUVD
EUVD
added 2026/06/15 8:47 p.m.10 views

EUVD-2026-36076

aws-cdk-lib: OS Command Injection in NodejsFunction Bundling...

7.3CVSS5.3AI score0.00936EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/06/13 2:34 p.m.88 views

Exploit for CVE-2026-11417

CVE-2026-11417-AWS-CDK-RCE Techn...

7.3CVSS5.6AI score0.00936EPSS
Exploits1
Snyk
Snyk
added 2026/06/10 7:23 p.m.4 views

Command Injection

Overview aws-cdk-lib is a Version 2 of the AWS Cloud Development Kit library Affected versions of this package are vulnerable to Command Injection via the NodejsFunction local bundling pipeline, when an attacker controls the value of one or more of the properties externalModules, define, loader,...

7.3CVSS5.9AI score0.00936EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

AWS Cloud Development Kit 操作系统命令注入漏洞

AWS Cloud Development Kit is an open-source software development framework developed by Amazon Web Services. It is used to define cloud infrastructure in code and configure it using AWS CloudFormation. Versions of the AWS Cloud Development Kit prior to 2.245.0 contained a vulnerability related to...

7.3CVSS5.8AI score0.00936EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48489

Name of the Vulnerable Software and Affected Versions aws-cdk-lib versions prior to 2.245.0 aws-cdk-lib versions prior to 2.246.0 Windows Description OS command injection exists in the NodejsFunction local bundling pipeline. An actor who controls the value of one or more bundling...

7.3CVSS6.2AI score0.00936EPSS
Exploits1References11
Rows per page
Query Builder