net.snowflake:snowflake-jdbc-thin (=4.0.0), org.apache.hadoop:hadoop-aws (=3.4.2) +6 more potentially affected by CVE-2025-14763 via software.amazon.encryption.s3:amazon-s3-encryption-client-java (>=3.1.1 <=3.5.0)

software.amazon.encryption.s3:amazon-s3-encryption-client-java MAVEN version =3.1.1, =2.7.0, =2.7.0, =2.7.0, =2.7.0, =2.7.0, =2.7.0, =2.7.2 Source cves: CVE-2025-14763 Source advisory: OSV:GHSA-X44P-GVRJ-PJ2R...

Amazon S3 Encryption Client for Java has a Key Commitment Issue

Summary S3 Encryption Client for Java is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamander...

GHSA-4V42-65R3-3GJX Amazon S3 Encryption Client for .NET has a Key Commitment Issue

Summary S3 Encryption Client for .NET S3EC is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible...

Amazon S3 Encryption Client for .NET has a Key Commitment Issue

S3 Encryption Client for .NET S3EC is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamanders"...