AWS Security ChangesHomeSearch

AWS AmazonCloudWatch high security documentation change

Service: AmazonCloudWatch · 2026-05-16 · Security-related high

File: AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md

Summary

Updated Node.js runtime from v4.1 to v4.2 with dependency upgrades to address multiple CVEs and security advisories.

Security assessment

Explicitly addresses multiple CVEs (CVE-2025-62718, CVE-2026-33750, etc.) and GHSA-5wm8-gmm8-39j9 through dependency upgrades in the runtime. Direct security vulnerability mitigation.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
index de41f131e..e425f76e7 100644
--- a//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
+++ b//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
@@ -7 +7 @@
-syn-nodejs-4.1
+syn-nodejs-4.2
@@ -15 +15 @@ The naming convention for these runtime versions is `syn-`language` -`majorversi
-## syn-nodejs-4.1
+## syn-nodejs-4.2
@@ -32,0 +33,42 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new
+**Changes in syn-nodejs-4.2**
+
+  * Upgrade `axios` to 1.15.2 to address the following CVEs:
+
+    * CVE-2025-62718
+
+    * CVE-2026-42033
+
+    * CVE-2026-42035
+
+    * CVE-2026-42038
+
+    * CVE-2026-42039
+
+    * CVE-2026-42043
+
+    * CVE-2026-42044
+
+    * CVE-2026-42264
+
+  * Upgrade `brace-expansion` to 5.0.5 to address the following CVE:
+
+    * CVE-2026-33750
+
+  * Upgrade `fast-xml-builder` to 1.1.7 to address the following CVE:
+
+    * GHSA-5wm8-gmm8-39j9
+
+
+
+
+The following earlier runtime versions for Node.js are still supported. 
+
+### syn-nodejs-4.1
+
+**Major dependencies** :
+
+  * AWS Lambda runtime Node.js 22.x
+
+
+
+
@@ -50,2 +91,0 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new
-The following earlier runtime versions for Node.js are still supported. 
-
@@ -70,9 +109,0 @@ The following earlier runtime versions for Node.js are still supported.
-###### Important
-
-Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new namespace. Please migrate the canary script to use the new namespace. Legacy namespace will be deprecated in a future release.
-
-  * @amzn/synthetics-core → @aws/synthetics-core
-
-
-
-