CVE-2025-14760

Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgra...

CVE-2025-14759

Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To...

CVE-2025-14759

Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To...

Amazon AWS SDK for PHP 安全漏洞

Amazon AWS SDK for PHP is a software development kit for Amazon Web Services based on the PHP platform from Amazon.com, USA. A security vulnerability exists in Amazon AWS SDK for PHP that stems from a lack of cryptographic key commitment, which could cause a user with write access to the S3 stora...

PT-2025-51882

Name of the Vulnerable Software and Affected Versions AWS SDK for PHP versions prior to 3.368.0 Description A missing cryptographic key commitment in the AWS SDK for PHP could allow a user with write access to an S3 bucket to introduce a new Encryption Data Key EDK that decrypts to different...

PT-2025-51884

Name of the Vulnerable Software and Affected Versions Amazon S3 Encryption Client for Java versions prior to 4.0.0 Description A missing cryptographic key commitment in the Amazon S3 Encryption Client for Java could allow a user with write access to an S3 bucket to introduce a new Encryption Data...

PT-2025-51880

Name of the Vulnerable Software and Affected Versions Amazon S3 Encryption Client for .NET versions prior to 3.2.0 Description A flaw exists in the Amazon S3 Encryption Client for .NET where a missing cryptographic key commitment could allow a user with write access to an S3 bucket to introduce a...

AWS SDK for C++ 安全漏洞

AWS SDK for C++ is an open source developer toolkit for C++ by Amazon Web Services A security vulnerability exists in AWS SDK for C++ that stems from a lack of cryptographic key commitment, which could lead to a user with write access to an S3 storage bucket introducing a new EDK that decrypts a...

PT-2025-51881

Name of the Vulnerable Software and Affected Versions AWS SDK for C++ versions prior to 1.11.712 Description A missing cryptographic key commitment in the AWS SDK for C++ could allow a user with write access to an S3 bucket to introduce a new encryption data key EDK that decrypts to different...