Homepage
About Snyk

aws-sam-cli@1.90.0 vulnerabilities

AWS SAM CLI is a CLI tool for local development and testing of Serverless applications

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the aws-sam-cli package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Insertion of Sensitive Information Into Log File

aws-sam-cli is an AWS SAM CLI is a CLI tool for local development and testing of Serverless applications

Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Log File through the DockerBuildArgs parameter, which allows an attacker to view sensitive data in clear text by accessing STDERR in the AWS SAM CLI output during the sam build command execution.

How to fix Insertion of Sensitive Information Into Log File?

Upgrade aws-sam-cli to version 1.122.0 or higher.

[,1.122.0)
Go back to all versions of this package