Name: Aws Cloud Development Kit
Author: Amazon

🔍 What is Aws Cloud Development Kit?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-23206

HIGH CVSS 8.1 Jan 17, 2025

AWS CDK's IAM OIDC custom resource provider has a TLS certificate validation vulnerability where it accepts unauthorized connections. This allows potential man-in-the-middle attacks against OIDC provi...

CVE-2025-2598

MEDIUM CVSS 5.5 Mar 21, 2025

The AWS CDK CLI prints AWS credentials to console output when used with credential plugins that return expiration properties. This exposes sensitive credentials to anyone with access to console logs. ...

CVE-2024-45037

MEDIUM CVSS 6.4 Aug 27, 2024

A vulnerability in AWS Cloud Development Kit (CDK) versions 2.142.0 through 2.148.0 allows authenticated Amazon Cognito users to gain unintended access to protected API resources when using RestApi co...