AWS-2025-003
AWS Bulletin2025-01-29
Path traversal issue in Deep Java Library - (CVE-2025-0851)
CVEs:CVE-2025-0851
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
Path traversal issue in Deep Java Library - (CVE-2025-0851)
CVEs:CVE-2025-0851
ALAS-2025-1956: rust (important)
CVEs:CVE-2024-24577
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| rust | affected | Amazon | rust | — |
Issue with AWS Sign-in IAM User Login Flow – Possible Username Enumeration (CVE-2025-0693)
CVEs:CVE-2025-0693
AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider
CVEs:CVE-2025-23206
AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider
CVEs:GHSA-v4mq-x674-ff73
ALAS-2025-1955: rsync (important)
CVEs:CVE-2024-12085CVE-2024-12086CVE-2024-12087CVE-2024-12088CVE-2024-12747
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| rsync | affected | Amazon | rsync | — |
Issue with Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (CVE-2025-0500 and CVE-2025-0501)
ALAS-2025-1953: expat (important)
CVEs:CVE-2024-45490
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| expat | affected | Amazon | expat | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.