7 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-2582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintex...
CVE-2022-2582
creationtimestamp| type| source ---|---|--- 2022-12-28 00:11:49+00:00| seen| https://t.me/cibsecurity/55442...
CVE-2022-2582 vulnerabilities
Vulnerabilities for packages: k3d...
CVE-2022-2582 vulnerabilities
Vulnerabilities for packages: k3d...
CVE-2022-2582 Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it...
CVE-2022-2582
The CVE-2022-2582 issue concerns the AWS S3 Crypto SDK (Go) sending an unencrypted hash of the plaintext as a metadata field alongside ciphertext. This could enable brute‑force of the plaintext if readable. AWS has since blocks this field in newer SDKs; older versions still send it. Mitigation: u...
CVE-2022-2582 Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it...