Executive Summary

Informations
Name CVE-2025-3047 First vendor Publication 2025-03-31
Vendor Cve Last vendor Modification 2025-04-01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A user could leverage the elevated permissions to access restricted files via symlinks and copy them to a more permissive location on the container.

Users should upgrade to v1.133.0 or newer and ensure any forked or derivative code is patched to incorporate the new fixes.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3047

Sources (Detail)

https://aws.amazon.com/security/security-bulletins/AWS-2025-008/
https://github.com/aws/aws-sam-cli/security/advisories/GHSA-px37-jpqx-97q9
Source Url

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2025-05-27 02:56:31
  • First insertion