Lucene search
Veracode Vulnerability DatabaseVERACODE:38793HistoryJan 07, 2023 - 8:13 p.m.
Information Disclosure
2023-01-0720:13:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
github
aws-sdk-go
vulnerability
plaintext
disclosure
software
metadata
hash
ciphertext
brute force
attacker
EPSS
0.001
Percentile
21.8%
github.com/aws/aws-sdk-go is vulnerable to information disclosure. The library sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field which could be used to brute force the plaintext, when the hash is readable to the attacker.
Related
prion
prion
Code injection
2022-12-27 22:15:00
osv
osv
Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
2022-07-01 20:10:56
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
2022-12-28 00:30:23
CGA-585c-pgh6-jfxh
2024-06-06 12:24:02
wolfi
wolfi
CVE-2022-2582 vulnerabilities
2024-09-30 09:32:54
ibm
ibm
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-2582
2022-12-27 00:00:00
debiancve
debiancve
CVE-2022-2582
2022-12-27 22:15:12
cgr
cgr
CVE-2022-2582 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2022-2582
2022-12-27 22:15:12
nvd
nvd
CVE-2022-2582
2022-12-27 22:15:12
github
github