PT-2026-33829

Name of the Vulnerable Software and Affected Versions Amazon AWS Encryption SDK for Python versions prior to 3.3.1 Amazon AWS Encryption SDK for Python versions prior to 4.0.5 Description A cryptographic algorithm downgrade in the caching layer may allow an authenticated local threat actor to...

Amazon AWS Encryption SDK Encryption Issues Vulnerabilities

The Amazon AWS Encryption SDK is a development toolkit for encryption applications from Amazon.com, USA. A security vulnerability exists in the AWS Encryption SDK that stems from the SDK's use of the non-submit attribute of AES-GCM as well as other AEAD ciphers such as AES-GCM-SIV or...