Lucene search
Veracode Vulnerability DatabaseVERACODE:34213HistoryFeb 14, 2022 - 11:17 a.m.
Insecure Cryptography
2022-02-1411:17:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.0004 Low
EPSS
Percentile
13.0%
github.com/aws/aws-sdk-go is vulnerable to insecure cryptography. The vulnerability exists due to broken encryption algorithm which allows an attacker with write access to change AES-GCM to AES-CTR.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/aws/aws-sdk-go | le | v1.42.52 | |
| github.com/aws/aws-sdk-go | le | v1.42.52 |
Related
nvd
nvd
CVE-2020-8912
2020-08-11 20:15:13
redhatcve
redhatcve
CVE-2020-8912
2020-08-18 19:29:55
prion
prion
Authentication flaw
2020-08-11 20:15:00
cvelist
cvelist
CVE-2020-8912 In-band key negotiation issue in AWS S3 Crypto SDK for GoLang
2020-08-11 19:20:14
cve
cve
CVE-2020-8912
2020-08-11 20:15:13
ibm
ibm
github
github
In-band key negotiation issue in AWS S3 Crypto SDK for golang
2022-02-11 23:23:13
CBC padding oracle issue in AWS S3 Crypto SDK for golang
2022-02-11 23:26:26
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
2022-07-13 00:00:39
wolfi
wolfi
CVE-2020-8912 vulnerabilities
2024-07-03 09:08:38
gitlab
gitlab
Use of a Broken or Risky Cryptographic Algorithm
2022-02-11 00:00:00
cgr
cgr
CVE-2020-8912 vulnerabilities
2024-05-19 03:07:16
osv
osv
Use of risky cryptographic algorithm in github.com/aws/aws-sdk-go
2022-02-11 23:26:26
In-band key negotiation issue in AWS S3 Crypto SDK for golang
2022-02-11 23:23:13
CBC padding oracle issue in AWS S3 Crypto SDK for golang
2022-02-11 23:26:26
redhat
redhat