
[Aikido] Fix security issue in aws-cdk-lib via minor version upgrade from 2.235.1 to 2.245.0 #1636

Merged
TheOrangePuff merged 2 commits into main from fix/aikido-security-update-packages-21158889-otdv on Apr 1, 2026

Conversation

@aikido-autofix
Contributor

Upgrade aws-cdk-lib to fix DoS vulnerability in YAML parsing that causes stack overflow via deeply nested sequences.

✅ 1 CVE resolved by this upgrade

This PR will resolve the following CVEs:

Issue: CVE-2026-33532
Severity: MEDIUM
Description: [yaml] A stack overflow vulnerability in the compose/resolve phase allows attackers to trigger a RangeError via deeply nested YAML structures (~2–10 KB), potentially causing denial of service or process termination in applications that don't catch this unexpected exception type.
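The failure mode named in the CVE text above, as an added example that is not part of this PR or of the yaml or aws-cdk-lib projects: a wrapper that estimates nesting depth with a lightweight scan before handing text to a YAML parser, and converts a RangeError thrown by the parser into a rejected input instead of an uncaught process crash. Everything here is an assumption layered on the advisory: the parser is injected as a plain `parse(text)` function so the block runs offline (`JSON.parse` serves as a stand-in, since JSON flow collections are valid YAML), the 64-level limit is a constructed policy value, and the depth estimate is a heuristic built from indentation and flow brackets, not the parser's own tree.

```javascript
// Added example (not from the Aikido PR or the yaml/aws-cdk-lib projects).
// Defensive wrapper for YAML input: bound nesting depth before parsing and
// treat a parser RangeError ("Maximum call stack size exceeded") as bad input.
//
// Assumptions (not from the page): the parser is passed in as parse(text),
// and DEFAULT_MAX_DEPTH is a constructed policy value, not an advisory number.

const DEFAULT_MAX_DEPTH = 64;

// Heuristic nesting estimate without building a tree.
// - Flow collections ('[' / '{') are counted exactly and carry across lines.
// - Block collections are approximated: one level per 2-space indent step,
//   plus one level per "- " marker in a chain such as "- - - x".
// - Quoted scalars and "# comments" are skipped so brackets inside strings
//   do not inflate the count.
function estimateNestingDepth(text) {
  let flowDepth = 0;
  let maxDepth = 0;
  for (const line of text.split(/\r?\n/)) {
    const indent = line.length - line.trimStart().length;
    let blockDepth = 0;
    let i = indent;
    if (flowDepth === 0) {
      // Only count indentation when not inside an open flow collection.
      blockDepth = Math.ceil(indent / 2);
      while (line.startsWith('- ', i) || line.slice(i) === '-') {
        blockDepth += 1;
        i += 2;
      }
    }
    let quote = null;
    for (; i < line.length; i++) {
      const c = line[i];
      if (quote) {
        if (c === '\\' && quote === '"') { i++; continue; } // skip escaped char
        if (c === quote) quote = null;
        continue;
      }
      if (c === '#' && (i === 0 || /\s/.test(line[i - 1]))) break; // comment
      if (c === '"' || c === "'") { quote = c; continue; }
      if (c === '[' || c === '{') flowDepth++;
      else if (c === ']' || c === '}') flowDepth = Math.max(0, flowDepth - 1);
      maxDepth = Math.max(maxDepth, blockDepth + flowDepth);
    }
    maxDepth = Math.max(maxDepth, blockDepth + flowDepth);
  }
  return maxDepth;
}

// Parse untrusted YAML text with a depth budget. Returns {ok, value} or
// {ok: false, reason}; only a RangeError is swallowed, because that is the
// stack-exhaustion failure the advisory describes. Other errors propagate so
// genuine bugs are not hidden.
function safeParseYaml(text, parse, maxDepth = DEFAULT_MAX_DEPTH) {
  if (typeof text !== 'string') return { ok: false, reason: 'input is not a string' };
  const depth = estimateNestingDepth(text);
  if (depth > maxDepth) {
    return { ok: false, reason: `nesting depth ${depth} exceeds limit ${maxDepth}` };
  }
  try {
    return { ok: true, value: parse(text) };
  } catch (err) {
    if (err instanceof RangeError) {
      return { ok: false, reason: 'parser exhausted the call stack; input rejected' };
    }
    throw err;
  }
}

// Stand-alone demonstration with constructed inputs and JSON.parse as the
// stand-in parser (JSON flow collections are valid YAML).
const constructedDeep = '['.repeat(200) + ']'.repeat(200);
console.log(safeParseYaml(constructedDeep, JSON.parse));        // rejected by depth guard
console.log(safeParseYaml('{"a": [1, [2, [3]]]}', JSON.parse)); // ok, value parsed
```

In production the `parse` argument would be the real YAML library call, and the depth limit should be set from the deepest document the application legitimately expects rather than left at the constructed default.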

@aikido-autofix bot requested a review from a team as a code owner on March 30, 2026 02:17
@TheOrangePuff merged commit 81e1d13 into main on Apr 1, 2026
1 check passed
