423 matches found
OSV-2025-729 UNKNOWN READ in sam_hrecs_free_tags
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=444492076 Crash type: UNKNOWN READ Crash state: samhrecsfreetags samhrecsparsesingleline samhdrbuildfromsamfile...
Linux Distros Unpatched Vulnerability : CVE-2021-3738
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handle...
CVE-2020-2180
Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...
CVE-1999-0435
MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM...
Unauthorized File Access
awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to insecure symlink resolution during the build process, which causes the contents of symlinks to be copied into the local workspace cache as regular files, allows an attacker to access restricted files...
AWS SAM CLI Installed (Windows)
Binary data awssamcliwindetect.nbin...
AWS SAM CLI < 1.133.0 multiple vulnerabilities
The version of AWS SAM CLI installed on the remote host is prior to 1.133.0 and is, therefore, affected by multiple vulnerabilities: - When running the AWS SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged...
CVE-2025-3047
When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
CVE-2025-3048
After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
GHSA-PP64-WJ43-XQCR AWS SAM CLI Path Traversal allows file copy to local cache
Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. After completing a build with AWS SAM CLI which include symlinks, the content o...
better-lambda-deploy (>=0.0.4 <=0.6.9), localambda (=0.0.1) potentially affected by CVE-2025-3048 via aws-sam-cli (>=0.40.0 <=1.12.0)
aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 - localambda =0.0.1 Source cves: CVE-2025-3048 Source advisory: OSV:GHSA-PP64-WJ43-XQCR...
AWS SAM CLI Path Traversal allows file copy to local cache
Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. After completing a build with AWS SAM CLI which include symlinks, the content o...
better-lambda-deploy (>=0.0.4 <=0.6.9), localambda (=0.0.1) potentially affected by CVE-2025-3047 via aws-sam-cli (>=0.40.0 <=1.12.0)
aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 - localambda =0.0.1 Source cves: CVE-2025-3047 Source advisory: OSV:GHSA-PX37-JPQX-97Q9...
GHSA-PX37-JPQX-97Q9 AWS SAM CLI Path Traversal allows file copy to build container
Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. When running the AWS SAM CLI build process with Docker and symlinks are include...
CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache
After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache
After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3047 Path Traversal in AWS SAM CLI allows file copy to build container
When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
CVE-2025-3047 Path Traversal in AWS SAM CLI allows file copy to build container
When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
AWS SAM CLI 安全漏洞
AWS SAM CLI is an Amazon Web Services open source CLI tool for building, testing, debugging, and deploying serverless applications using AWS SAM. A security vulnerability exists in AWS SAM CLI that stems from the possibility that symbolic link content could be copied to the local workspace cache...
Sam Spade 1.14 SEH Overflow / DLL Injection
Sam Spade version 1.14 SEH overflow exploit that leverages DLL injection. Exploit Title: Sam Spade 1.14 - SEH Overflow via Arbitrary DLL Injection Date: 14.03.2024 Software Link: https://www.majorgeeks.com/files/details/samspade.html Exploit Author: Ahmet Ümit BAYRAM Tested Version: 1.14 Tested o...