npm package
aws-cdk
pkg:npm/aws-cdk
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-2598 | — | >= 2.172.0, < 2.178.2 | 2.178.2 | Mar 21, 2025 | When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. To mitigate this issue, users should upgr | ||
| CVE-2024-45037 | — | >= 2.142.0, < 2.148.1 | 2.148.1 | Aug 27, 2024 | The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-buil |
- CVE-2025-2598Mar 21, 2025affected >= 2.172.0, < 2.178.2fixed 2.178.2
When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. To mitigate this issue, users should upgr
- CVE-2024-45037Aug 27, 2024affected >= 2.142.0, < 2.148.1fixed 2.148.1
The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-buil