AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2025-08-01 · Documentation low

File: cli/latest/reference/inspector2/search-vulnerabilities.md

Summary

Updated vulnerability response structure with added CISA details, CVSS3 scoring, EPSS data, and reorganized fields. Removed pagination token description from middle of output.

Security assessment

The changes enhance documentation of security-related fields including CISA remediation guidance (action/dateDue), CVSS3 scoring details, and EPSS exploit prediction scores. While these additions improve security context for vulnerability management, there's no evidence they address a specific security incident or vulnerability.

Diff

diff --git a/cli/latest/reference/inspector2/search-vulnerabilities.md b/cli/latest/reference/inspector2/search-vulnerabilities.md
index 4ed5aea66..30740db90 100644
--- a//cli/latest/reference/inspector2/search-vulnerabilities.md
+++ b//cli/latest/reference/inspector2/search-vulnerabilities.md
@@ -15 +15 @@
-  * [AWS CLI 2.27.63 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.0 Command Reference](../../index.html) »
@@ -231,4 +230,0 @@ Disable automatically prompt for CLI input parameters.
-nextToken -> (string)
-
-> The pagination parameter to be used on the next list operation to retrieve more items.
-
@@ -242,0 +239,34 @@ vulnerabilities -> (list)
+>> id -> (string)
+>>
+>>> The ID for the specific vulnerability.
+>> 
+>> cwes -> (list)
+>>
+>>> The Common Weakness Enumeration (CWE) associated with the vulnerability.
+>>> 
+>>> (string)
+>> 
+>> cisaData -> (structure)
+>>
+>>> An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.
+>>> 
+>>> dateAdded -> (timestamp)
+>>>
+>>>> The date and time CISA added this vulnerability to their catalogue.
+>>> 
+>>> dateDue -> (timestamp)
+>>>
+>>>> The date and time CISA expects a fix to have been provided vulnerability.
+>>> 
+>>> action -> (string)
+>>>
+>>>> The remediation action recommended by CISA for this vulnerability.
+>> 
+>> source -> (string)
+>>
+>>> The source of the vulnerability information. Possible results are `RHEL` , `AMAZON_CVE` , `DEBIAN` or `NVD` .
+>> 
+>> description -> (string)
+>>
+>>> A description of the vulnerability.
+>> 
@@ -267 +297 @@ vulnerabilities -> (list)
->> cisaData -> (structure)
+>> vendorSeverity -> (string)
@@ -269,3 +299,5 @@ vulnerabilities -> (list)
->>> An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.
->>> 
->>> action -> (string)
+>>> The severity assigned by the vendor.
+>> 
+>> cvss3 -> (structure)
+>>
+>>> An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.
@@ -273 +305 @@ vulnerabilities -> (list)
->>>> The remediation action recommended by CISA for this vulnerability.
+>>> baseScore -> (double)
@@ -275 +307 @@ vulnerabilities -> (list)
->>> dateAdded -> (timestamp)
+>>>> The CVSS v3 base score for the vulnerability.
@@ -277 +309 @@ vulnerabilities -> (list)
->>>> The date and time CISA added this vulnerability to their catalogue.
+>>> scoringVector -> (string)
@@ -279 +311,5 @@ vulnerabilities -> (list)
->>> dateDue -> (timestamp)
+>>>> The scoring vector associated with the CVSS v3 score.
+>> 
+>> relatedVulnerabilities -> (list)
+>>
+>>> A list of related vulnerabilities.
@@ -281 +317 @@ vulnerabilities -> (list)
->>>> The date and time CISA expects a fix to have been provided vulnerability.
+>>> (string)
@@ -295 +331 @@ vulnerabilities -> (list)
->> cvss3 -> (structure)
+>> vendorCreatedAt -> (timestamp)
@@ -297,9 +333 @@ vulnerabilities -> (list)
->>> An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.
->>> 
->>> baseScore -> (double)
->>>
->>>> The CVSS v3 base score for the vulnerability.
->>> 
->>> scoringVector -> (string)
->>>
->>>> The scoring vector associated with the CVSS v3 score.
+>>> The date and time when the vendor created this vulnerability.
@@ -307 +335 @@ vulnerabilities -> (list)
->> cwes -> (list)
+>> vendorUpdatedAt -> (timestamp)
@@ -309,3 +337 @@ vulnerabilities -> (list)
->>> The Common Weakness Enumeration (CWE) associated with the vulnerability.
->>> 
->>> (string)
+>>> The date and time when the vendor last updated this vulnerability.
@@ -313 +339 @@ vulnerabilities -> (list)
->> description -> (string)
+>> sourceUrl -> (string)
@@ -315 +341 @@ vulnerabilities -> (list)
->>> A description of the vulnerability.
+>>> A link to the official source material for this vulnerability.
@@ -317 +343 @@ vulnerabilities -> (list)
->> detectionPlatforms -> (list)
+>> referenceUrls -> (list)
@@ -319 +345 @@ vulnerabilities -> (list)
->>> Platforms that the vulnerability can be detected on.
+>>> Links to various resources with more information on this vulnerability.
@@ -323,8 +348,0 @@ vulnerabilities -> (list)
->> epss -> (structure)
->>
->>> An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.
->>> 
->>> score -> (double)
->>>
->>>> The Exploit Prediction Scoring System (EPSS) score.
->> 
@@ -335,4 +352,0 @@ vulnerabilities -> (list)
->>> firstSeen -> (timestamp)
->>>
->>>> The date an time when the exploit was first seen.
->>> 
@@ -342,8 +355,0 @@ vulnerabilities -> (list)
->> 
->> id -> (string)
->>
->>> The ID for the specific vulnerability.
->> 
->> referenceUrls -> (list)
->>
->>> Links to various resources with more information on this vulnerability.
@@ -351 +357,3 @@ vulnerabilities -> (list)
->>> (string)
+>>> firstSeen -> (timestamp)
+>>>
+>>>> The date an time when the exploit was first seen.
@@ -353 +361 @@ vulnerabilities -> (list)
->> relatedVulnerabilities -> (list)
+>> detectionPlatforms -> (list)
@@ -355 +363 @@ vulnerabilities -> (list)
->>> A list of related vulnerabilities.
+>>> Platforms that the vulnerability can be detected on.
@@ -359,17 +367 @@ vulnerabilities -> (list)
->> source -> (string)
->>
->>> The source of the vulnerability information. Possible results are `RHEL` , `AMAZON_CVE` , `DEBIAN` or `NVD` .
->> 
->> sourceUrl -> (string)
->>
->>> A link to the official source material for this vulnerability.
->> 
->> vendorCreatedAt -> (timestamp)
->>
->>> The date and time when the vendor created this vulnerability.
->> 
->> vendorSeverity -> (string)
->>
->>> The severity assigned by the vendor.
->> 
->> vendorUpdatedAt -> (timestamp)
+>> epss -> (structure)
@@ -377 +369,9 @@ vulnerabilities -> (list)
->>> The date and time when the vendor last updated this vulnerability.
+>>> An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.
+>>> 
+>>> score -> (double)
+>>>
+>>>> The Exploit Prediction Scoring System (EPSS) score.
+
+nextToken -> (string)
+
+> The pagination parameter to be used on the next list operation to retrieve more items.
@@ -389 +389 @@ vulnerabilities -> (list)
-  * [AWS CLI 2.27.63 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.0 Command Reference](../../index.html) »