AWS Serverless Application Model Command Line Interface (SAM CLI) security vulnerability (CVE-2025-3047)

CVE-2025-3047 is a vulnerability identified in the AWS Serverless Application Model Command Line Interface (AWS SAM CLI). When the sam build command is run with Docker and the build files include symbolic links (symlinks), the container environment may allow unauthorized access to privileged files on the host system. An attacker could exploit this by leveraging the elevated permissions granted to the tool: a symlink in the build files resolves to a restricted host file, which the build then copies to a more accessible location within the container.

Affected Versions: This vulnerability affects AWS SAM CLI versions from v1.98.0 up to, but not including, v1.133.0. It has been resolved in v1.133.0.

By updating to the latest version of AWS SAM CLI, users can protect their systems from potential exploitation of this vulnerability.
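Two checks a defender would want before the next sam build, as an added example that is not part of the advisory and not AWS SAM CLI's own code: a version test against the affected range stated above (v1.98.0 up to but not including v1.133.0), and a scan of the project directory for symlinks whose target resolves outside the project root, since that is the construct the advisory describes. The project layout, file names and the "host-secret.txt" stand-in are constructed sample data; the `sam --version` probe is only a convenience and the version strings it is tested with are assumed formats.

```python
"""Defender-side checks for CVE-2025-3047 (symlinks in `sam build` files escaping to host files).

Added example, not part of the advisory or of AWS SAM CLI. Assumes the affected
range from the advisory: v1.98.0 <= version < v1.133.0.
"""
import os
import subprocess
import tempfile
from pathlib import Path
from typing import Optional

AFFECTED_FROM = (1, 98, 0)
FIXED_IN = (1, 133, 0)


def parse_version(text: str) -> tuple:
    """Turn 'SAM CLI, version 1.120.0' or 'v1.98.0' into (1, 120, 0) / (1, 98, 0)."""
    token = text.strip().split()[-1].lstrip("v")
    return tuple(int(part) for part in token.split(".")[:3])


def is_affected(version_text: str) -> bool:
    """True when the version lies inside the affected range from the advisory."""
    return AFFECTED_FROM <= parse_version(version_text) < FIXED_IN


def installed_sam_version() -> Optional[str]:
    """Ask the locally installed CLI for its version; None if sam is not on PATH."""
    try:
        out = subprocess.run(["sam", "--version"], capture_output=True, text=True, check=True)
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    return out.stdout


def find_escaping_symlinks(project_root: str) -> list:
    """Return sorted (link, resolved_target) pairs for symlinks that point outside project_root.

    followlinks=False keeps os.walk from descending into symlinked directories, so a link
    to a host directory is reported once rather than scanned as if it were project content.
    """
    root = Path(project_root).resolve()
    escapes = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if not link.is_symlink():
                continue
            target = link.resolve()  # strict=False: dangling links still yield a path to judge
            if not target.is_relative_to(root):
                escapes.append((str(link.relative_to(root)), str(target)))
    return sorted(escapes)


def demo() -> dict:
    """Build a constructed project tree with one in-tree and one escaping symlink, then scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "my-sam-app"
        (root / "src").mkdir(parents=True)
        (root / "src" / "app.py").write_text(
            "def handler(event, context):\n    return {'statusCode': 200}\n")
        # In-tree link: resolves inside the project, harmless for the build.
        os.symlink(root / "src" / "app.py", root / "src" / "alias.py")
        # Escaping link: constructed stand-in for a sensitive file outside the project.
        outside = Path(tmp) / "host-secret.txt"
        outside.write_text("constructed sample, not a real secret\n")
        os.symlink(outside, root / "src" / "leak.txt")
        return {
            "escaping": [link for link, _ in find_escaping_symlinks(str(root))],
            "versions": {v: is_affected(v) for v in ("1.97.5", "1.98.0", "1.120.0", "1.133.0")},
        }


if __name__ == "__main__":
    local = installed_sam_version()
    if local is not None:
        print("installed SAM CLI affected:", is_affected(local))
    print(demo())
```

Run the scan against the directory you hand to sam build; any entry it reports is a symlink the build would follow out of the project tree, and should be removed or replaced with a copy before building on an unpatched version.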

See more details on: