Lucene search
K

6 matches found

Circl
Circl
added 2024/02/15 4:52 p.m.7 views

CVE-2024-23680

creationtimestamp| type| source ---|---|--- 2024-02-15 16:52:04+00:00| seen| https://t.me/ctinow/185687...

5.3CVSS5.4AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/19 8:44 p.m.15 views

CVE-2024-23680 AWS Encryption SDK for Java Improper Verification of Cryptographic Signature

AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures...

5.3AI score0.0021EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/19 8:44 p.m.30 views

CVE-2024-23680 AWS Encryption SDK for Java Improper Verification of Cryptographic Signature

AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures...

5.5AI score0.0021EPSS
Exploits0References3
CVE
CVE
added 2024/01/19 8:44 p.m.50 views

CVE-2024-23680

CVE-2024-23680 affects the AWS Encryption SDK for Java (versions 2.0.0–2.2.0 and older than 1.9.0). The issue is that the library incorrectly validates certain invalid ECDSA signatures, with Red Hat/CVE and OSV entries corroborating the vulnerable range and nature. The practical impact stated acr...

5.3CVSS5.3AI score0.0021EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2021/06/01 9:17 p.m.9 views

br.com.guiabolso:hyperloop-transport (=3.0.1), com.eoniantech:secrets-locker (>=1.0 <=1.2) +8 more potentially affected by CVE-2024-23680 via com.amazonaws:aws-encryption-sdk-java (>=0.0.1 <=1.7.0)

com.amazonaws:aws-encryption-sdk-java MAVEN version =0.0.1, =1.0, =2.3.2, =0.3.0, =2.8.0, =2.11.1 - org.apache.ignite:ignite-aws-ext =1.0.0 - org.dreamhorizon:vertx-cron =1.0.0 - software.amazon.cloudformation:aws-cloudformation-rpdk-java-plugin =2.0.12 Source cves: CVE-2024-23680 Source advisory...

5.3CVSS6AI score0.0021EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/06/01 9:17 p.m.3 views

com.yandex.cloud:kms-provider-awscrypto (>=2.0 <=2.6) potentially affected by CVE-2024-23680 via com.amazonaws:aws-encryption-sdk-java (=2.0.0)

com.amazonaws:aws-encryption-sdk-java MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.amazonaws:aws-encryption-sdk-java and may be impacted: - com.yandex.cloud:kms-provider-awscrypto =2.0, =2.6 Source cves: CVE-2024-23680 Sourc...

5.3CVSS6AI score0.0021EPSS
Exploits0
Rows per page
Query Builder