JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

### Description of Vulnerability: 
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users.
AWS recommends that customers upgrade to the following version:  AWS NodeJS Wrapper to v2.0.1.
### Source of Vulnerability Report:
Allistair Ishmael Hakim [allistair.hakim@gmail.com](mailto:allistair.hakim@gmail.com)
### Affected products & versions: 
AWS NodeJS Wrapper < 2.0.1.
### Platforms: 
MacOS/Windows/Linux

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-59840	HIGH	8.1	JavaScript	vega	No	Yes	Nov 13, 2025
GHSA-8wj8-cfxr-9374	HIGH	8	JavaScript	aws-advanced-nodejs-wrapper	No	Yes	Nov 13, 2025
CVE-2025-64748	MEDIUM	6.5	JavaScript	directus	No	Yes	Nov 13, 2025
CVE-2025-64749	MEDIUM	4.3	JavaScript	@directus/api	No	Yes	Nov 13, 2025
CVE-2025-64745	LOW	2.7	JavaScript	astro	No	Yes	Nov 13, 2025

GHSA-8wj8-cfxr-9374:
JavaScript vulnerability analysis and mitigation

Description of Vulnerability:

Source of Vulnerability Report:

Affected products & versions:

Platforms:

8

Related JavaScript vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

GHSA-8wj8-cfxr-9374: JavaScript vulnerability analysis and mitigation