Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Amazon Subscribe
Filtered by product Aws Lambda
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10777 1 Amazon 1 Aws Lambda 2021-05-10 7.5 HIGH 9.8 CRITICAL
In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands to the "zipCmd" used within "config.FunctionName".