aws-sam-cli

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting aws-sam-clipage 1 of 1

CVE-2025-3047MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.133.0
2025-03-31
vulnerable: 0.10.0 ... 1.99.0 (204 versions)
When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by le…
CVE-2025-3048MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.134.0
2025-03-31
vulnerable: 0.10.0 ... 1.99.0 (205 versions)
After completing a build with AWS Serverless Application Model Command Line Interface (SAM CLI) which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a resu…

Check whether aws-sam-cli is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aws-sam-cli CVEs against the assets you own.

Start Free Scan →