3 matches found
Incorrect Execution-Assigned Permissions
aws-cdk-lib is vulnerable to Incorrect Execution-Assigned Permissions. The vulnerability is due to unexpected Aspect execution order due to the introduction of a new priority system that overrides hierarchical aspect evaluation, potentially leading to incorrect permissions boundaries being assign...
PT-2025-19363 · Npm · Aws-Cdk-Lib
Summary The AWS Cloud Development Kit AWS CDK is an open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. In the CDK, developers organize their applications into reusable components called "constructs," which are...
Reducing Risk With Identity Access Management (IAM)
A cloudy picture of identity and access As your supply chain grows, so does your attack surface. As business scales up and cloud providers release new services and resources to support, it becomes exponentially more challenging for security teams to manage access. With this growth, an intrinsic —...