Overly Permissive Authorization
aws-cdk-lib is vulnerable to Overly Permissive Authorization. The vulnerability is due to the CDK Construct Library automatically generating an overly permissive AWS IAM trust policy, which allows any user with unrestricted sts:AssumeRole permissions to assume the role...