Skip to main content

IDS Layer version 1.5.0

Release date: September 4, 2023

Language versions currently supported:

Node.js 12, Node.js 14, Node.js 16
Python 3.8, Python 3.9

Minimum requirements:

Memory: 256 MB
Timeout: 5 seconds

Included third-party packages: See here.

New and improved:

Added a new ReDOS attack in Node.js
Enhanced ReDOS instrumentation for Python to support more possible sinks
Added a new Unvalidated Input attack In both Node.js and Python
Added detection for Lambda triggers to enhance traces support
Fixed false-positives in NOSQLI in DynamoDB
We made several enhancements and addressed issues to enhance the overall performance and stability

Security fixes:

Fixed CVE-2023-36665 protobufjs v7.1.1 in the Node.js layer
Fixed CVE-2023-38704 import-in-the-middle v1.4.1 in the Node.js layer

Possible issues:

Dependencies collision
- See the included third-party packages
Node.js
- Handler function that is defined with both async and a callback like async function (event, context, callback) is not supported
- Webpack library target to commonjs2, with typescript compiler option module different than Commonjs is not supported

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.