AWS Security ChangesHomeSearch

AWS AmazonCloudWatch high security documentation change

Service: AmazonCloudWatch · 2026-06-13 · Security-related high

File: AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md

Summary

Updated Node.js runtime from syn-nodejs-4.2 to syn-nodejs-5.0 including dependency upgrades to address CVE GHSA-jxxr-4gwj-5jf2

Security assessment

Explicitly mentions upgrading brace-expansion to address CVE GHSA-jxxr-4gwj-5jf2, indicating a security vulnerability fix. This change documents a security patch that prevents potential exploitation.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
index e425f76e7..47c789245 100644
--- a//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
+++ b//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
@@ -7 +7 @@
-syn-nodejs-4.2
+syn-nodejs-5.0
@@ -15 +15 @@ The naming convention for these runtime versions is `syn-`language` -`majorversi
-## syn-nodejs-4.2
+## syn-nodejs-5.0
@@ -32,0 +33,20 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new
+**Changes in syn-nodejs-5.0**
+
+  * Upgrade `brace-expansion` to 5.0.6 to address the following CVE:
+
+    * GHSA-jxxr-4gwj-5jf2
+
+
+
+
+The following earlier runtime versions for Node.js are still supported. 
+
+### syn-nodejs-4.2
+
+**Major dependencies** :
+
+  * AWS Lambda runtime Node.js 22.x
+
+
+
+
@@ -64,2 +83,0 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new
-The following earlier runtime versions for Node.js are still supported. 
-