AWS Security ChangesHomeSearch

AWS AmazonCloudWatch high security documentation change

Service: AmazonCloudWatch · 2026-06-25 · Security-related high

File: AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md

Summary

Updated runtime version from 5.0 to 5.1, added security fixes for HTTP headers and CVE-2026-45736

Security assessment

Explicitly addresses CVE-2026-45736 through dependency upgrade and fixes HTTP header handling vulnerability. The CVE reference provides concrete evidence of security remediation.

Diff

diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
index 47c789245..79e934466 100644
--- a//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
+++ b//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_Nodejs.md
@@ -7 +7 @@
-syn-nodejs-5.0
+syn-nodejs-5.1
@@ -15 +15 @@ The naming convention for these runtime versions is `syn-`language` -`majorversi
-## syn-nodejs-5.0
+## syn-nodejs-5.1
@@ -32,0 +33,22 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new
+**Changes in syn-nodejs-5.1**
+
+  * Fix bug where HTTP headers with array values were not being captured properly.
+
+  * Upgrade `ws` to 8.20.1 to address the following CVEs:
+
+    * CVE-2026-45736
+
+
+
+
+The following earlier runtime versions for Node.js are still supported. 
+
+### syn-nodejs-5.0
+
+**Major dependencies** :
+
+  * AWS Lambda runtime Node.js 22.x
+
+
+
+
@@ -42,2 +63,0 @@ Starting Synthetics `syn-nodejs-3.1` and later, Synthetics runtime uses the new
-The following earlier runtime versions for Node.js are still supported. 
-