CVE-2025-4318 - Vulnerability Details - OpenCVE

The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

No data.

No data.

No data.

References

Link	Providers
https://aws.amazon.com/security/security-bulletins/AWS-2025-010/

History

Mon, 05 May 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 05 May 2025 18:30:00 +0000

Type	Values Removed	Values Added
Description		The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.
Title		Input validation issue in AWS Amplify Studio UI component properties
Weaknesses		CWE-95
References		https://aws.amazon.com/security/security-bulletins/AWS-2025-010/
Metrics		cvssV4_0 `{'score': 9.5, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: AMZN

Published: 2025-05-05T18:16:34.075Z

Updated: 2025-05-05T18:56:01.694Z

Reserved: 2025-05-05T14:03:53.695Z

Link: CVE-2025-4318

Vulnrichment

Updated: 2025-05-05T18:55:57.729Z

NVD

Status : Awaiting Analysis

Published: 2025-05-05T19:15:57.847

Modified: 2025-05-05T20:54:19.760

Link: CVE-2025-4318

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-4318", "assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "state": "PUBLISHED", "assignerShortName": "AMZN", "dateReserved": "2025-05-05T14:03:53.695Z", "datePublished": "2025-05-05T18:16:34.075Z", "dateUpdated": "2025-05-05T18:56:01.694Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/aws-amplify/amplify-codegen-ui", "defaultStatus": "unaffected", "packageName": "amplify-codegen-ui", "product": "Amplify Studio", "vendor": "Amazon", "versions": [{"lessThan": "2.20.3", "status": "affected", "version": "0.1.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process. </p>"}], "value": "The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592: Stored XSS"}]}, {"capecId": "CAPEC-251", "descriptions": [{"lang": "en", "value": "CAPEC-251: Local Code Inclusion"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 9.5, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-95", "description": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "shortName": "AMZN", "dateUpdated": "2025-05-05T18:16:34.075Z"}, "references": [{"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-010/"}], "source": {"discovery": "UNKNOWN"}, "title": "Input validation issue in AWS Amplify Studio UI component properties", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-05T18:55:35.611130Z", "id": "CVE-2025-4318", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-05T18:56:01.694Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4318", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-05T18:55:35.611130Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-05T18:55:57.729Z"}}], "cna": {"title": "Input validation issue in AWS Amplify Studio UI component properties", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592: Stored XSS"}]}, {"capecId": "CAPEC-251", "descriptions": [{"lang": "en", "value": "CAPEC-251: Local Code Inclusion"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Amazon", "product": "Amplify Studio", "versions": [{"status": "affected", "version": "0.1.0", "lessThan": "2.20.3", "versionType": "semver"}], "packageName": "amplify-codegen-ui", "collectionURL": "https://github.com/aws-amplify/amplify-codegen-ui", "defaultStatus": "unaffected"}], "references": [{"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-010/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.", "supportingMedia": [{"type": "text/html", "value": "<p>The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process. </p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-95", "description": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"}]}], "providerMetadata": {"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "shortName": "AMZN", "dateUpdated": "2025-05-05T18:16:34.075Z"}}}, "cveMetadata": {"cveId": "CVE-2025-4318", "state": "PUBLISHED", "dateUpdated": "2025-05-05T18:56:01.694Z", "dateReserved": "2025-05-05T14:03:53.695Z", "assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "datePublished": "2025-05-05T18:16:34.075Z", "assignerShortName": "AMZN"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process."}], "id": "CVE-2025-4318", "lastModified": "2025-05-05T20:54:19.760", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.5, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary"}]}, "published": "2025-05-05T19:15:57.847", "references": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-010/"}], "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-95"}], "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary"}]}