Amazon Amazon Amazon

  1. Vendors
  2. Amazon

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Amazon product.

RSS Feeds for Amazon security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Amazon products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Amazon Sorted by Most Security Vulnerabilities since 2018

Amazon Aws97 vulnerabilities

Amazon Freertos19 vulnerabilities

Amazon Aws Software Development Kit4 vulnerabilities

Amazon Workspaces3 vulnerabilities

Amazon Awslabs Sandbox Accounts Events2 vulnerabilities

Amazon Aws Encryption Sdk2 vulnerabilities

Amazon Amplify Cli1 vulnerability

Amazon Freertos Plus Tcp1 vulnerability

Amazon Ion1 vulnerability

Amazon Linux 20231 vulnerability

Amazon Aws Deployment Framework1 vulnerability

Amazon Aws Alb Route Directive Adapter Istio1 vulnerability

Amazon Alexa1 vulnerability

Amazon Ec2 Api Tools Java Library1 vulnerability

Recent Amazon Security Advisories

Advisory Title Published
2026-02-02 Security Findings in SageMaker Python SDK February 2, 2026
2026-01-23 CVE-2026-1386 - Arbitrary Host File Overwrite via Symlink in Firecracker Jailer January 23, 2026
2026-01-15 Unanchored ACCOUNT_ID webhook filters for CodeBuild January 15, 2026
2026-01-09 CVE-2026-0830 - Command Injection in Kiro GitLab Merge Request Helper January 9, 2026
2025-12-17 Key Commitment Issues in S3 Encryption Clients December 17, 2025
2025-12-15 Overly Permissive Trust Policy in Harmonix on AWS EKS December 15, 2025
2025-12-04 CVE-2025-66478: RCE in React Server Components December 4, 2025
2025-11-21 Call audio termination issue in AWS Wickr desktop clients November 21, 2025
2025-11-10 Privilege Escalation in Aurora PostgreSQL using AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, AWS PGSQL ODBC driver November 10, 2025
2025-11-07 CVE-2025-12829 - Integer Overflow issue in Amazon Ion-C November 7, 2025

By the Year

In 2026 there have been 4 vulnerabilities in Amazon with an average score of 6.7 out of ten. Last year, in 2025 Amazon had 46 security vulnerabilities published. Right now, Amazon is on track to have less security vulnerabilities in 2026 than it did last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.05.




Year Vulnerabilities Average Score
2026 4 6.73
2025 46 6.68
2024 26 6.96
2023 23 6.74
2022 23 7.27
2021 17 8.71
2020 8 7.68
2019 6 7.55
2018 19 6.76

It may take a day or so for new Amazon vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Amazon Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-1778 Feb 02, 2026
Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed.
Aws
CVE-2026-1777 Feb 02, 2026
The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 includes the ModelBuilder HMAC signing key in the cleartext response elements of the DescribeTrainingJob function The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 includes the ModelBuilder HMAC signing key in the cleartext response elements of the DescribeTrainingJob function. A third party with permissions to both call this API and permissions to modify objects in the Training Jobs S3 output location may have the ability to upload arbitrary artifacts which are executed the next time the Training Job is invoked.
Aws
CVE-2026-1386 Jan 23, 2026
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Aws
CVE-2026-0830 Jan 09, 2026
Processing specially crafted workspace folder names could Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version.
Aws
CVE-2025-14764 Dec 17, 2025
Amazon S3 Encryption Client for Go <3.3 key commitment flaw Missing cryptographic key commitment in the Amazon S3 Encryption Client for Go may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for Go to version 4.0 or later.
Aws
CVE-2025-14763 Dec 17, 2025
Amazon S3 Encryption Client for Java v<4.0 Key Commitment Vulnerability Missing cryptographic key commitment in the Amazon S3 Encryption Client for Java may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for Java to version 4.0.0 or later.
Aws
CVE-2025-14762 Dec 17, 2025
Missing Key Commitment AWS SDK for Ruby <1.208.0 Varying Decryption Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for Ruby to version 1.208.0 or later.
Aws
CVE-2025-14761 Dec 17, 2025
AWS SDK for PHP 3.368 Missing key commitment enables EDK injection Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for PHP to version 3.368.0 or later
Aws
CVE-2025-14760 Dec 17, 2025
Missing Key Commitment in AWS SDK for C++ (before 1.11.712) Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for C++ to version 1.11.712 or later
Aws
CVE-2025-14759 Dec 17, 2025
Amazon S3 Encryption Client .NET Key Commitment Bypass (Prior to 4.0.0) Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for .NET to version 3.2.0 or later.
Aws
CVE-2025-14503 Dec 15, 2025
Harmonix on AWS IAM Trust Exploit v0.3.0 to v0.4.1 Escalation An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM principal in the same AWS account with sts:AssumeRole permissions to assume the role with administrative privileges. We recommend customers upgrade to Harmonix on AWS v0.4.2 or later if you have deployed the framework using versions v0.3.0 through v0.4.1.
Aws
CVE-2025-55182 Dec 03, 2025
RCFC 19.019.2 Remote Code Exec via Unsafe Deserialization A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
Aws
CVE-2025-13524 Nov 21, 2025
Audio Leak after Call Termination in AWS Wickr<6.62.13 (Windows/macOS/Linux) Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require the affected user to take a particular action within the application To mitigate this issue, users should upgrade AWS Wickr, Wickr Gov and Wickr Enterprise desktop version to version 6.62.13.
Aws
CVE-2025-12967 Nov 10, 2025
Privilege Escalation in AWS Aurora PG Wrappers v2.6.5 (RDS Superuser) An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJS Wrapper to v2.0.1, AWS Python Wrapper to v1.4.0 and AWS PGSQL ODBC driver to v1.0.1
Aws
CVE-2025-12829 Nov 07, 2025
Amazon Ion-C Uninit Stack Read <1.1.4 (CVE-2025-12829) An uninitialized stack read issue exists in Amazon Ion-C versions <v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version v1.1.4.
Aws
CVE-2025-52881 Nov 06, 2025
runc: /proc Redirect via Race in 1.2.7-1.4.0-rc.2 runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a tmpfs or theoretically other methods such as regular bind-mounts. While similar, the mitigation applied for the related CVE, CVE-2019-19921, was fairly limited and effectively only caused runc to verify that when LSM labels are written they are actually procfs files. This issue is fixed in versions 1.2.8, 1.3.3, and 1.4.0-rc.3.
Aws
CVE-2025-52565 Nov 06, 2025
runc <1.2.8/1.3.3/1.4.0-rc.3: /dev/console Bind-Mount LFI/Container Breakout runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
Aws
CVE-2025-31133 Nov 06, 2025
runc CLI BindMount Verification Flaw Exposes Host Escape (1.4.0rc.2) runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
Aws
CVE-2025-12815 Nov 06, 2025
AWS RES Virtual Desktop Preview Ownership Verification Flaw (2025.08) An ownership verification issue in the Virtual Desktop preview page in the Research and Engineering Studio (RES) on AWS before version 2025.09 may allow an authenticated remote user to view another user's active desktop session metadata, including periodical desktop preview screenshots. To mitigate this issue, users should upgrade to version 2025.09 or above.
Aws
CVE-2025-12779 Nov 05, 2025
Amazon WorkSpaces Linux Client 2023-2024 Auth Token Leak to Local Users Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract another local user's authentication token from the shared client machine and access their WorkSpace. To mitigate this issue, users should upgrade to the Amazon WorkSpaces client for Linux version 2025.0 or later.
Aws
Workspaces
CVE-2025-11618 Oct 10, 2025
FreeRTOS-Plus-TCP UDP/IPv6 IP-Version Bypass due to validation flaw A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-11617 Oct 10, 2025
FreeRTOS-Plus-TCP IPv6 OOB Read Vulnerability A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-11616 Oct 10, 2025
FreeRTOS-Plus-TCP ICMPv6 OOB Read Vulnerability A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-11573 Oct 09, 2025
Denial of Service via Infinite Loop in Amazon.IonDotNet <1.3.2 An infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not receive further updates.
Aws
CVE-2025-11462 Oct 07, 2025
AWS VPN Client macOS 1.3.25.2.0 Log RotSymlink Elevation Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a symlink from a client log file to a privileged location. On log rotation, this could lead to code execution with root privileges if the user made crafted API calls which injected arbitrary code into the log file. We recommend users upgrade to AWS VPN Client for macOS 5.2.1 or the latest version.
Aws
CVE-2025-9039 Aug 14, 2025
Amazon ECS Agent <1.97.1: Off-Host Introspection Access via SG We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is hosted. This issue does not affect instances where the option to allow off-host access to the introspection server is set to 'false'. This issue has been addressed in ECS agent version 1.97.1. We recommend upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes. If customers cannot update to the latest AMI, they can modify the Amazon EC2 security groups to restrict incoming access to the introspection server port (51678).
Aws
CVE-2025-8904 Aug 13, 2025
Amazon EMR Secret Agent Exposes Kerb Keytab in /tmp (v7.4 and earlier) Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR version 7.5 or higher. For Amazon EMR releases between 6.10 and 7.4, we strongly recommend that you run the bootstrap script and RPM files with the fix provided in the location below.
Aws
CVE-2025-8217 Jul 30, 2025
Amazon Q Developer VS Code Extension Code Injection in v1.84.0 The Amazon Q Developer Visual Studio Code (VS Code) extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making a successful API call to the Q Developer CLI. To mitigate this issue, users should upgrade to version v1.85.0. All installations of v1.84.0 should be removed from use.
Aws
CVE-2025-6031 Jun 12, 2025
Amazon Cloud Cam SSL Pinning Bypass Enables Arbitrary Network Association Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status. The device defaults to a pairing status in which an arbitrary user can bypass SSL pinning to associate the device to an arbitrary network, allowing for network traffic interception and modification. We recommend customers discontinue usage of any remaining Amazon Cloud Cams.
Aws
CVE-2025-5688 Jun 04, 2025
Windows DNS Client Buffer Overflow via LLMNR/mDNS (CVE-2025-5688) We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
Freertos
CVE-2025-5279 May 27, 2025
Redshift Python Connector 2.1.x SSL cert bypass via BrowserAzureOAuth2 When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and retrieve an access token. This issue has been addressed in driver version 2.1.7. Users should upgrade to address this issue and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-4318 May 05, 2025
Amplify Studio: Unvalidated Inputs in amplify-codegen-ui May Allow JS Injection The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.
Aws
CVE-2025-3857 Apr 21, 2025
Infinite Loop DoS in Amazon.IonDotnet before 1.3.1 (RawBinaryReader) When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while deserializing the binary format. If the Ion data is malformed or truncated, this triggers an infinite loop condition that could potentially result in a denial of service. Users should upgrade to Amazon.IonDotnet version 1.3.1 and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-3048 Mar 31, 2025
Symlink Cache Exposure in AWS SAM CLI <1.134.0 After completing a build with AWS Serverless Application Model Command Line Interface (SAM CLI) which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outside of the Docker container would now have access via the local workspace. Users should upgrade to version 1.134.0 and ensure any forked or derivative code is patched to incorporate the new fixes. After upgrading, users must re-build their applications using the sam build --use-container to update the symlinks.
Aws
CVE-2025-3047 Mar 31, 2025
AWS SAM CLI v<1.133.0 Symlink Privileged Host File Access via Docker build When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A user could leverage the elevated permissions to access restricted files via symlinks and copy them to a more permissive location on the container. Users should upgrade to v1.133.0 or newer and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-2887 Mar 27, 2025
Unverified Rollback in Tough Client Before 0.20.0 Allows Wrong Target Fetch During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-2888 Mar 27, 2025
tough v0.20.0: Rollback Timestamp Cache Validation Denial During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, preventing the next update until the cache is cleared. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-2886 Mar 27, 2025
tough client flaw: missing delegation termination (<0.20.0) Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-2885 Mar 27, 2025
Missing root metatdata version validation in Tough (v0.20.0+) Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-1097 Mar 25, 2025
Ingress-nginx auth-tls-match-cn Injection Enables Code Execution A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Aws
CVE-2025-1098 Mar 25, 2025
ingress-nginx mirror-annotations enable arbitrary config injection & code exec A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Aws
CVE-2025-1974 Mar 25, 2025
Ingress-nginx: Arbitrary Exec via Pod Network in K8s A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Aws
CVE-2025-24514 Mar 25, 2025
Ingress- Nginx auth-url Annotation RCE Leading to Secrets Exposure A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Aws
CVE-2025-24513 Mar 25, 2025
Directory Traversal via Admission Controller File Inclusion in ingress-nginx A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster.
Aws
CVE-2025-2598 Mar 21, 2025
AWS CDK CLI <=2.178.1 Credential Leak via Plugin When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. To mitigate this issue, users should upgrade to version 2.178.2 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2025-1969 Mar 04, 2025
TEAM Improper Input Validation in AWS IAM Identity Center v1.2.2 Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process
Aws
CVE-2025-0851 Jan 29, 2025
DJL ZipUtils/TarUtils PT Allows File Write A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.
Aws
CVE-2025-0693 Jan 23, 2025
Timing-based IAM Username Enumeration in AWS Sign-In Flow Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account.
Aws
CVE-2025-0501 Jan 15, 2025
Amazon WorkSpaces PCoIP MiTM vulnerability An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
Aws
CVE-2025-0500 Jan 15, 2025
MitM Remote Session Access in Amazon WorkSpaces DCV & AppStream 2.0 An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle.
Aws
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.