Vulnerabilities > Amazon > AWS Lambda > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-01-08 CVE-2019-10777 OS Command Injection vulnerability in Amazon AWS Lambda
In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization.
network
low complexity
amazon CWE-78
critical
9.8