Lucene search
K

4 matches found

OSV
OSV
added 2025/12/18 3:47 p.m.5 views

GHSA-X44P-GVRJ-PJ2R Amazon S3 Encryption Client for Java has a Key Commitment Issue

Summary S3 Encryption Client for Java is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamander...

6CVSS6.9AI score0.00103EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2025/12/18 12:0 a.m.9 views

Amazon S3 Encryption Client for .NET has a Key Commitment Issue

S3 Encryption Client for .NET S3EC is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamanders"...

6CVSS6.7AI score0.00094EPSS
Exploits0References7
RubySec
RubySec
added 2025/12/18 12:0 a.m.10 views

AWS SDK for Ruby's S3 Encryption Client has a Key Commitment Issue

Summary S3 Encryption Client for Ruby is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamander...

6CVSS7AI score0.00185EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2024/05/09 6:21 p.m.5 views

Nextcloud: Invisible Salamanders Attack against end_to_end_encryption in Nextcloud

Vulnerability description not provided...

7.1AI score
Exploits0
Rows per page
Query Builder