All 3 CVE vulnerabilities found in aws-cdk, with AI-generated Chinese analysis, references, and POCs.
Vendor: aws
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-23206 | IAM OIDC custom resource allows connection to unauthorized OIDC provider in aws-cdk CWE-347 | 8.1 | - | 2025-01-17 |
| CVE-2024-45037 | AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template CWE-863 | 6.4 | Medium | 2024-08-27 |
| CVE-2023-35165 | AWS CDK EKS overly permissive trust policies CWE-863 | 6.6 | Medium | 2023-06-23 |
All 3 known CVE vulnerabilities affecting aws-cdk with full Chinese analysis, references, and POCs where available.