From this webpage screenshot, the following key information about the vulnerability can be obtained:

1. Vulnerability Description:
   - Vulnerability Name: AWS CDK RestApi Construct: Authenticated users may have unintended access to protected APIs
   - Vulnerability ID: GHSA-qj85-69xf-2vxq
   - Release Date: 2 days ago
   - Severity: Moderate (6.4/10)
   - Affected Versions: >=2.142.0; =2.148.1

2. Impact:
   - Impact: Authenticated Cognito users may gain unintended access to protected API resources or methods, leading to potential data disclosure and modification issues.
   - Affected Versions: >=2.142.0; =2.148.1 or later and redeploy your application to resolve this issue.
   - If using an older CDK version (<=2.142.0), it is recommended to upgrade to the latest version to benefit from new features and fixes.
   - Verify whether your application uses "CognitoUserPoolsAuthorizer" as the authorizer and whether "RestApi" resources or methods leverage authorization scopes to restrict access.

4. References:
   - AWS CDK Documentation: https://docs.aws.amazon.com/cdk/v2/guide/home.html
   - AWS CDK RestApi Construct Documentation: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws
   - AWS CDK CognitoUserPoolsAuthorizer Documentation: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_apigateway.CognitoUserPoolsAuthorizer.html
   - AWS CDK v2.148.1 Release Notes: https://github.com/aws/aws-cdk/releases/tag/v2.148.1

5. Contact Information:
   - For any questions or comments, please contact AWS/Amazon Security via their vulnerability reporting page or directly by email: aws-security@amazon.com. Do not create public issues on GitHub.

This information helps users understand the details of the vulnerability, the affected scope, and how to resolve the issue.
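
The verification step above (whether methods behind a "CognitoUserPoolsAuthorizer" actually carry authorization scopes) can be checked against the synthesized CloudFormation template. The following is an added example, not code from the advisory or the AWS CDK project; the function name, logical IDs and sample template are constructed, and it assumes the input is the template JSON that `cdk synth` writes under `cdk.out`.

```python
import json

# Constructed sample: fragment of a synthesized template (logical IDs are made up).
SAMPLE_TEMPLATE = json.loads("""
{
  "Resources": {
    "ApiOrdersGET": {
      "Type": "AWS::ApiGateway::Method",
      "Properties": {
        "HttpMethod": "GET",
        "AuthorizationType": "COGNITO_USER_POOLS",
        "AuthorizationScopes": ["orders/read"]
      }
    },
    "ApiOrdersPOST": {
      "Type": "AWS::ApiGateway::Method",
      "Properties": {
        "HttpMethod": "POST",
        "AuthorizationType": "COGNITO_USER_POOLS"
      }
    },
    "ApiOrdersOPTIONS": {
      "Type": "AWS::ApiGateway::Method",
      "Properties": {"HttpMethod": "OPTIONS", "AuthorizationType": "NONE"}
    }
  }
}
""")


def find_unscoped_cognito_methods(template):
    """Return (logical_id, http_method) for Cognito-authorized methods without scopes."""
    findings = []
    for logical_id, resource in sorted(template.get("Resources", {}).items()):
        if resource.get("Type") != "AWS::ApiGateway::Method":
            continue
        props = resource.get("Properties", {})
        if props.get("AuthorizationType") != "COGNITO_USER_POOLS":
            continue
        # Missing or empty scopes: the authorizer has no scope to enforce on this method.
        if not props.get("AuthorizationScopes"):
            findings.append((logical_id, props.get("HttpMethod")))
    return findings


if __name__ == "__main__":
    for logical_id, http_method in find_unscoped_cognito_methods(SAMPLE_TEMPLATE):
        print(f"review: {logical_id} ({http_method}) has no AuthorizationScopes")
```

A flagged method is a candidate for review, not proof of exposure: compare each one with the scopes declared for it in the CDK source, since a method may be unscoped by design.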