Lucene search
Veracode Vulnerability DatabaseVERACODE:34189HistoryFeb 14, 2022 - 6:45 a.m.
Information Disclosure
2022-02-1406:45:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.001 Low
EPSS
Percentile
20.2%
github.com/aws/aws-sdk-go is vulnerable to information disclosure. An attacker who has write access to the target S3 bucket can reveal the information of the decryption failures through the endpoint. when the CBC option is chosen as a content cipher
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/aws/aws-sdk-go | le | v1.33.21 | |
| github.com/aws/aws-sdk-go | le | v1.33.21 |
Related
cgr
cgr
CVE-2020-8911 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2020-8911
2020-08-11 20:15:13
nvd
nvd
CVE-2020-8911
2020-08-11 20:15:13
prion
prion
Design/Logic Flaw
2020-08-11 20:15:00
cvelist
cvelist
CVE-2020-8911 CBC padding oracle in AWS S3 Crypto SDK for GoLang
2020-08-11 19:20:14
gitlab
gitlab
Use of a Broken or Risky Cryptographic Algorithm
2022-02-11 00:00:00
wolfi
wolfi
CVE-2020-8911 vulnerabilities
2024-07-05 21:08:40
redhatcve
redhatcve
CVE-2020-8911
2020-08-18 19:29:14
osv
osv
Use of risky cryptographic algorithm in github.com/aws/aws-sdk-go
2022-02-11 23:26:26
In-band key negotiation issue in AWS S3 Crypto SDK for golang
2022-02-11 23:23:13
CBC padding oracle issue in AWS S3 Crypto SDK for golang
2022-02-11 23:26:26
github
github
CBC padding oracle issue in AWS S3 Crypto SDK for golang
2022-02-11 23:26:26
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
2022-07-13 00:00:39
redhat
redhat
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2024-01-31 19:31:55