CVE-2025-3047: 
Python vulnerability analysis and mitigation

The AWS Serverless Application Model Command Line Interface (AWS SAM CLI) contains a path traversal vulnerability (CVE-2025-3047) discovered in March 2025. When running the AWS SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows users to access privileged files on the host by leveraging elevated permissions granted to the tool. This vulnerability affects AWS SAM CLI versions 1.98.0 through 1.132.0 (AWS Security Bulletin, GitHub Advisory).

The vulnerability occurs during the build process when using Docker containers. The tool does not prevent path traversal when building in a container with 'sam build -u', enabling the build script to access files outside of the build directory. Since the command requires elevated privileges due to Docker usage, it potentially enables the build script to read any file on the host system. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N (GitHub Advisory).

The vulnerability is limited to local workspaces using AWS SAM CLI with container builds (--use-container). It potentially allows access to local files outside the build directory through the usage of symlinks. The issue does not affect AWS services, production environments, or cross-account resources. An attacker could leverage this vulnerability as part of a supply chain attack to exfiltrate sensitive files from the victim's system (GitHub Advisory).

Users should upgrade to AWS SAM CLI version 1.133.0 or newer, which addresses the vulnerability. After upgrading, to retain the previous behavior and allow symlinks to resolve on the host machine, users can use the explicit '--mount-symlinks' parameter. There are no recommended workarounds other than upgrading to the patched version (AWS Security Bulletin).