AWS AmazonCloudWatch high security documentation change
Summary
Updated Node.js runtime from v4.1 to v4.2 with dependency upgrades to address multiple CVEs and security advisories.
Security assessment
Explicitly addresses multiple CVEs (CVE-2025-62718, CVE-2026-33750, etc.) and GHSA-5wm8-gmm8-39j9 through dependency upgrades in the runtime. Direct security vulnerability mitigation.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md index de41f131e..e425f76e7 100644 --- a//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md +++ b//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md @@ -7 +7 @@ -syn-nodejs-4.1 +syn-nodejs-4.2 @@ -15 +15 @@ The naming convention for these runtime versions is `syn-`language` -`majorversi -## syn-nodejs-4.1 +## syn-nodejs-4.2 @@ -32,0 +33,42 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new +**Changes in syn-nodejs-4.2** + + * Upgrade `axios` to 1.15.2 to address the following CVEs: + + * CVE-2025-62718 + + * CVE-2026-42033 + + * CVE-2026-42035 + + * CVE-2026-42038 + + * CVE-2026-42039 + + * CVE-2026-42043 + + * CVE-2026-42044 + + * CVE-2026-42264 + + * Upgrade `brace-expansion` to 5.0.5 to address the following CVE: + + * CVE-2026-33750 + + * Upgrade `fast-xml-builder` to 1.1.7 to address the following CVE: + + * GHSA-5wm8-gmm8-39j9 + + + + +The following earlier runtime versions for Node.js are still supported. + +### syn-nodejs-4.1 + +**Major dependencies** : + + * AWS Lambda runtime Node.js 22.x + + + + @@ -50,2 +91,0 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new -The following earlier runtime versions for Node.js are still supported. - @@ -70,9 +109,0 @@ The following earlier runtime versions for Node.js are still supported. -###### Important - -Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new namespace. Please migrate the canary script to use the new namespace. Legacy namespace will be deprecated in a future release. - - * @amzn/synthetics-core → @aws/synthetics-core - - - -