Impact: @hulumi/baseline versions before 1.3.2 could miss some CloudTrail event-selector tampering evidence, reducing coverage for changes to audit logging configuration.
Patched in 1.3.2: detection coverage and regression tests were expanded.
Remediation: upgrade @hulumi/baseline to 1.3.2 or later and rerun affected previews/checks.
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 6.9 | 4.0 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-gfp8-mp24-5vxg ↗ |
| CWE id | Name |
|---|---|
| CWE-778 | Insufficient Logging |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| npm | @hulumi/baseline | < 1.3.2 | 1.3.2 | — |