AWS AmazonCloudWatch high security documentation change
Summary
Updated runtime version from 16.0 to 16.1, added security fixes for HTTP headers, CVE-2026-42338 and CVE-2026-45736
Security assessment
Explicitly addresses CVE-2026-42338 and CVE-2026-45736 through dependency upgrades. The CVE references provide concrete evidence of security vulnerability remediation.
Diff
diff --git a/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.md b/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.md index 6dc9c0b59..dc9b5433f 100644 --- a//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.md +++ b//AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.md @@ -7 +7 @@ -syn-nodejs-puppeteer-16.0 +syn-nodejs-puppeteer-16.1 @@ -19,3 +19 @@ The Lambda code in a canary is configured to have a maximum memory of 1 GB. Each -## syn-nodejs-puppeteer-16.0 - -`syn-nodejs-puppeteer-16.0` is the most recent Synthetics runtime for Node.js and Puppeteer. +## syn-nodejs-puppeteer-16.1 @@ -60,0 +59,28 @@ Synthetics runtime `syn-nodejs-puppeteer-11.0` and later versions support only t +**Major dependencies** : + + * Lambda runtime Node.js 22.x + + * Puppeteer-core version 24.42.0 + + * Chromium version 147.0.7727.57 + + * Firefox version 147.0.4 + + + + +**Changes in syn-nodejs-puppeteer-16.1** + + * Fix bug where HTTP headers with array values were not being captured properly. + + * Upgrade `ip-address` to 10.1.1 to address the following CVEs: + + * CVE-2026-42338 + + * Upgrade `ws` to 8.20.1 to address the following CVEs: + + * CVE-2026-45736 + + + + @@ -69,0 +96,4 @@ For more information, see the following: +The following earlier runtime versions for Node.js and Puppeteer are still supported. + +### syn-nodejs-puppeteer-16.0 + @@ -84,0 +115,2 @@ For more information, see the following: + * [Multilocation canaries](./CloudWatch_Synthetics_Canaries_MultiLocation.html) – Run the same canary across multiple AWS Regions from a single point of management. + @@ -118,2 +149,0 @@ For more information, see the following: -The following earlier runtime versions for Node.js and Puppeteer are still supported. -