AWS inspector medium security documentation change
Summary
Added documentation about resolving false-positive CVE findings (CVE-2025-0913 and CVE-2025-4673) in Amazon Inspector SSM plugin
Security assessment
Directly addresses vulnerability detection inaccuracies that could lead to misleading security findings. Confirms resolution of false positives for specific CVEs.
Diff
diff --git a/inspector/latest/user/doc-history.md b/inspector/latest/user/doc-history.md index 7aea576d3..b5e80b88b 100644 --- a//inspector/latest/user/doc-history.md +++ b//inspector/latest/user/doc-history.md @@ -12,0 +13 @@ New feature| Amazon Inspector now scans first-party application source code, th +Update for plugin| Amazon Inspector is made aware of a scenario where the Amazon Inspector SSM plugin might generate a vulnerability finding for ` CVE-2025-0913` and `CVE-2025-4673`. It was confirmed the Amazon Inspector SSM plugin is not impacted by these CVEs, and an update was deployed to resolve this detection. | June 13, 2025