aws-cdk
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting aws-cdkpage 1 of 1
- CVE-2024-45037MEDIUMCVSS 6.4EG 6.4✓ Fixed in 2.148.12024-08-27
The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a cust…
- CVE-2025-2598MEDIUMCVSS 5.5EG 5.5✓ Fixed in 2.178.22025-03-21
When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. …
Check whether aws-cdk is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aws-cdk CVEs against the assets you own.
Start Free Scan →