Description
When the AWS Serverless Application Model Command Line Interface (SAM CLI) build process is run with Docker and the build files include symlinks, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A user could use these elevated permissions to reach restricted files via symlinks and copy them to a more permissive location on the container.
Users should upgrade to v1.133.0 or newer and ensure any forked or derivative code is patched to incorporate the new fixes.
EPSS: 0.00109 (Low)
Percentile: 30%
CVSS3: 6.5 Medium
Weaknesses
CWE-61
Related vulnerabilities
CVSS3: 6.5
github
10 months ago
AWS SAM CLI Path Traversal allows file copy to build container