When the AWS Serverless Application Model Command Line Interface (SAM CLI) build process runs with Docker and the build files include symlinks, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A user could use those elevated permissions to reach restricted files through symlinks and copy them to a more permissive location on the container. Users should upgrade to v1.133.0 or newer and ensure that any forked or derivative code is patched to incorporate the new fixes.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| aws-sam-cli (PyPI) | 0 | 1.133.0 | N/A |
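
As an added example (not part of the advisory or of the SAM CLI code base), the following pre-build check lists symlinks in a project tree whose resolved target lies outside the project root, and compares a version string against the fixed release from the table above. The function names `is_patched` and `escaping_symlinks` are hypothetical, and treating out-of-tree targets as the links to review is an assumption of this example.

```python
import os
import re
import sys
from pathlib import Path

FIXED_VERSION = (1, 133, 0)  # first fixed aws-sam-cli release per the advisory


def is_patched(version: str) -> bool:
    """True if an aws-sam-cli version string is at or above the fixed release."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return tuple(int(g) for g in m.groups()) >= FIXED_VERSION


def escaping_symlinks(project_root):
    """Return sorted (link, resolved_target) pairs for symlinks under
    project_root whose target resolves outside it. Assumption of this
    example: such links are the ones to review before a container build."""
    root = Path(project_root).resolve()
    findings = []
    # followlinks=False: report directory symlinks but never walk through them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if not link.is_symlink():
                continue
            target = Path(os.path.realpath(link))
            if target != root and root not in target.parents:
                findings.append((str(link.relative_to(root)), str(target)))
    return sorted(findings)


if __name__ == "__main__":
    hits = escaping_symlinks(sys.argv[1] if len(sys.argv) > 1 else ".")
    for link, target in hits:
        print(f"{link} -> {target}")
    sys.exit(1 if hits else 0)
```

Run as a script, it exits non-zero when any such link is found, so it can gate a CI step that precedes the container build.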
CVSS Metrics