Lucene search
GoCVELIST:CVE-2022-2582HistoryDec 27, 2022 - 9:13 p.m.
CVE-2022-2582 Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
2022-12-2721:13:47
Go
raw.githubusercontent.com
4
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
Related
github
github
cgr
cgr
CVE-2022-2582 vulnerabilities
2024-05-19 03:07:16
veracode
veracode
Information Disclosure
2023-01-07 20:13:42
cve
cve
CVE-2022-2582
2022-12-27 22:15:00
debiancve
debiancve
CVE-2022-2582
2022-12-27 22:15:00
ubuntucve
ubuntucve
CVE-2022-2582
2022-12-27 00:00:00
osv
osv
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
2022-12-28 00:30:23
Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
2022-07-01 20:10:56
Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang
2022-02-11 23:26:12
ibm
ibm
prion
prion
Code injection
2022-12-27 22:15:00
wolfi
wolfi
CVE-2022-2582 vulnerabilities
2024-06-01 21:07:39