3 matches found
CVE-2025-14761 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
Linux Distros Unpatched Vulnerability : CVE-2025-14761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to differen...
CVE-2025-14761
The CVE-2025-14761 issue affects the AWS SDK for PHP S3 Encryption Client. When the encrypted data key (EDK) is stored in an Instruction File rather than S3 metadata, a lack of key commitment can allow a rogue EDK to decrypt the same ciphertext to different plaintext. Affected behavior is describ...