Issue with AWS SAM CLI (CVE-2025-3047, CVE-2025-3048)

The AWS Serverless Application Model Command Line Interface (AWS SAM CLI) is an open-source tool that helps developers build and run Lambda applications locally, using Docker for container-based builds. Two security issues have been identified in the AWS SAM CLI, and fixes have been released to address them. Users should upgrade to the latest version and ensure that any forked or derivative code is patched as well.

The first issue, CVE-2025-3047, allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool while it runs a build inside Docker: a symlink in the project source that points outside the workspace is followed during the containerized build, so the file it targets on the host becomes readable through the build output. This issue affects AWS SAM CLI versions <= v1.132.0 and is resolved in v1.133.0, where symlinks that leave the workspace are no longer mounted into the build container. Users who need the previous behavior can pass the '--mount-symlinks' parameter to 'sam build'; note that this deliberately re-enables the behavior that the fix removed, so it should only be used for projects whose symlinks are trusted.

The second issue, CVE-2025-3048, allows a user to access restricted files via symlinks that are copied into the cache of the local workspace during a container build. This issue affects AWS SAM CLI versions <= v1.133.0 and is resolved in v1.134.0. After upgrading, users must re-build their applications with 'sam build --use-container' so that the cached symlinks are replaced.

Taken together, the affected versions are AWS SAM CLI <= v1.133.0. The resolution is to upgrade to the latest version, re-build with 'sam build --use-container', and patch any forked or derivative code. The GitHub Security Lab is acknowledged for collaborating on this issue through the coordinated vulnerability disclosure process.
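Both issues above come down to a symlink inside the project tree that resolves to a path outside it. The check below, added here as an illustration and not part of the bulletin or of the SAM CLI itself, walks a project directory without following symlinks and reports every link whose final target escapes the project root, which is a useful pre-build gate for CI pipelines that still run older versions or that use '--mount-symlinks'. The sample tree it builds (a 'sam-app' directory with one benign intra-project link and one link to a file outside the app) is constructed for the demonstration and is not a real project.

```python
"""Pre-build check: find symlinks in a SAM project that resolve outside the project root.

Added example, not SAM CLI code. The demo tree built by build_demo_tree() is constructed
for illustration only.
"""
import os
import tempfile
from pathlib import Path


def find_escaping_symlinks(project_root):
    """Return [(link_path, resolved_target)] for every symlink under project_root whose
    final target lies outside project_root. Dangling or cyclic links are reported with a
    target of None rather than silently skipped. Directory symlinks are listed but never
    descended into (followlinks=False), so a link to '/' cannot turn the walk into a
    filesystem-wide scan.
    """
    root = Path(project_root).resolve()
    escaping = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if not link.is_symlink():
                continue
            try:
                target = link.resolve(strict=True)
            except (OSError, RuntimeError):
                escaping.append((link, None))
                continue
            if not target.is_relative_to(root):
                escaping.append((link, target))
    return escaping


def build_demo_tree(base):
    """Constructed sample layout: a minimal SAM app plus a file that lives outside it."""
    base = Path(base)
    app = base / "sam-app"
    (app / "hello_world").mkdir(parents=True)
    (app / "template.yaml").write_text(
        "AWSTemplateFormatVersion: '2010-09-09'\nTransform: AWS::Serverless-2016-10-31\n"
    )
    (app / "hello_world" / "app.py").write_text("def handler(event, context):\n    return 'ok'\n")
    (app / "common.py").write_text("SHARED = True\n")
    # Benign: a relative link that stays inside the project.
    (app / "hello_world" / "shared.py").symlink_to(Path("..") / "common.py")
    # Escaping: a relative link that climbs out of the project to a "host" file.
    outside = base / "outside"
    outside.mkdir()
    (outside / "host-secret.txt").write_text("not for the build container\n")
    (app / "hello_world" / "config.txt").symlink_to(
        Path("..") / ".." / "outside" / "host-secret.txt"
    )
    return app


def run_demo():
    """Build the constructed tree in a temp dir, scan it, and return the escaping links
    as POSIX paths relative to the project root."""
    with tempfile.TemporaryDirectory() as tmp:
        app = build_demo_tree(tmp)
        hits = find_escaping_symlinks(app)
        root = app.resolve()
        return sorted(link.relative_to(root).as_posix() for link, _ in hits)


if __name__ == "__main__":
    # Typical CI use: point this at the directory you are about to pass to
    # 'sam build --use-container' and fail the job if anything is reported.
    for rel in run_demo():
        print(f"symlink escapes project root: {rel}")
```

Run against a real project with `find_escaping_symlinks(".")` before `sam build --use-container`; a non-empty result means the build would have had a path to host files under the affected versions, and the offending links should be replaced with copies or removed before building.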