Skip to main content

Aws Software Development Kit

3 CVEs product

Monthly

CVE-2023-51651 LIB LOW PATCH Monitor

AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Aws Software Development Kit
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2022-2582 Go MEDIUM POC PATCH This Month

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aws Software Development Kit
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-4725 Maven CRITICAL PATCH Act Now

A vulnerability was found in AWS SDK 2.59.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Java SSRF Google Aws Software Development Kit
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
EPSS 0% CVSS 3.3
LOW PATCH Monitor

AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Aws Software Development Kit
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aws Software Development Kit
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability was found in AWS SDK 2.59.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

Java SSRF Google +1
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy