Skip to main content

Aws Cloud Development Kit

4 CVEs product

Monthly

CVE-2025-2598 npm MEDIUM PATCH This Month

When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Aws Cloud Development Kit
NVD GitHub
CVSS 4.0
5.7
EPSS
0.0%
CVE-2025-23206 npm LOW PATCH Monitor

The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Rated low severity (CVSS 1.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Jwt Attack Aws Cloud Development Kit
NVD GitHub
CVSS 4.0
1.8
EPSS
0.1%
CVE-2024-45037 npm MEDIUM PATCH This Month

The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Aws Cloud Development Kit
NVD GitHub
CVSS 3.1
6.4
EPSS
0.3%
CVE-2023-35165 npm HIGH POC PATCH This Week

AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Kubernetes Authentication Bypass Aws Cloud Development Kit
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Aws Cloud Development Kit
NVD GitHub
EPSS 0% CVSS 1.8
LOW PATCH Monitor

The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Rated low severity (CVSS 1.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Jwt Attack Aws Cloud Development Kit
NVD GitHub
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Aws Cloud Development Kit
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Kubernetes Authentication Bypass Aws Cloud Development Kit
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy