Amazon Aws Encryption Sdk
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Amazon Aws Encryption Sdk.
By the Year
In 2026 there have been 0 vulnerabilities in Amazon Aws Encryption Sdk. Aws Encryption Sdk did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 5.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 4.80 |
It may take a day or so for new Aws Encryption Sdk vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Amazon Aws Encryption Sdk Security Vulnerabilities
ECDSA Signature Validation Flaw in AWS Encryption SDK for Java 2.0.02.2.0, <1.9.0
CVE-2024-23680
5.3 - Medium
- January 19, 2024
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
Improper Verification of Cryptographic Signature
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0
CVE-2020-8897
4.8 - Medium
- November 16, 2020
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers such as AES-GCM-SIV or (X)ChaCha20Poly1305) used by the SDKs to encrypt messages, an attacker can craft a unique cyphertext which will decrypt to multiple different results, and becomes especially relevant in a multi-recipient setting. We recommend users update their SDK to 2.0.0 or later.
Cryptographic Issues
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Amazon Aws Encryption Sdk or by Amazon? Click the Watch button to subscribe.
