CBC padding oracle in AWS S3 Crypto SDK for GoLang
Description
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/aws/aws-sdk-goGo | < 1.34.0 | 1.34.0 |
Affected products
548- osv-coords547 versionspkg:apk/chainguard/amazon-cloudwatch-agentpkg:apk/chainguard/amazon-cloudwatch-agent-fipspkg:apk/chainguard/amazon-ecs-agentpkg:apk/chainguard/amazon-ecs-agent-fipspkg:apk/chainguard/apply-cve-bumppkg:apk/chainguard/argo-cd-3.2pkg:apk/chainguard/argo-cd-3.2-compatpkg:apk/chainguard/argo-cd-3.3pkg:apk/chainguard/argo-cd-3.3-compatpkg:apk/chainguard/argo-cd-fips-3.2pkg:apk/chainguard/argo-cd-fips-3.2-compatpkg:apk/chainguard/argo-cd-fips-3.3pkg:apk/chainguard/argo-cd-fips-3.3-compatpkg:apk/chainguard/argo-eventspkg:apk/chainguard/argo-events-fipspkg:apk/chainguard/argo-rolloutspkg:apk/chainguard/argo-rollouts-fipspkg:apk/chainguard/atlas-1.0pkg:apk/chainguard/atlas-1.0-fipspkg:apk/chainguard/atlas-1.1pkg:apk/chainguard/atlas-1.1-fipspkg:apk/chainguard/atlas-1.2pkg:apk/chainguard/aws-flb-cloudwatchpkg:apk/chainguard/aws-flb-cloudwatch-fipspkg:apk/chainguard/aws-flb-firehosepkg:apk/chainguard/aws-flb-firehose-fipspkg:apk/chainguard/aws-flb-kinesispkg:apk/chainguard/aws-flb-kinesis-fipspkg:apk/chainguard/aws-node-termination-handlerpkg:apk/chainguard/aws-node-termination-handler-fipspkg:apk/chainguard/aws-nukepkg:apk/chainguard/aws-nuke-fipspkg:apk/chainguard/aws-otel-collectorpkg:apk/chainguard/aws-otel-collector-fipspkg:apk/chainguard/aws-s3-controllerpkg:apk/chainguard/aws-sigv4-proxypkg:apk/chainguard/aws-sigv4-proxy-fipspkg:apk/chainguard/bank-vaultspkg:apk/chainguard/bank-vaults-fipspkg:apk/chainguard/bank-vaults-vault-operatorpkg:apk/chainguard/bank-vaults-vault-operator-fipspkg:apk/chainguard/cadencepkg:apk/chainguard/cadence-cassandra-toolpkg:apk/chainguard/cadence-fipspkg:apk/chainguard/cadence-fips-cassandra-toolpkg:apk/chainguard/cadence-fips-serverpkg:apk/chainguard/cadence-fips-sql-toolpkg:apk/chainguard/cadence-serverpkg:apk/chainguard/cadence-sql-toolpkg:apk/chainguard/cephcsipkg:apk/chainguard/cephcsi-fipspkg:apk/chainguard/cert-exporterpkg:apk/chainguard/cert-exporter-fipspkg:apk/chainguard/certificate-transparency-fips-trillian-ctserverpkg:apk/chainguard/certificate-transparency-trillian-ctserverpkg:apk/chainguard/cgpkg:apk/chainguard/chartmuseumpkg:apk/chainguard/chartmuseum-fipspkg:apk/chainguard/cloudbeat-9.0pkg:apk/chainguard/cloudbeat-fips-8.17pkg:apk/chainguard/cloudbeat-fips-9.0pkg:apk/chainguard/cloud-sql-proxy-2.16pkg:apk/chainguard/cloud-sql-proxy-2.18pkg:apk/chainguard/cloud-sql-proxy-2.21pkg:apk/chainguard/cloud-sql-proxy-2.22pkg:apk/chainguard/cloud-sql-proxy-fipspkg:apk/chainguard/cluster-autoscaler-1.33pkg:apk/chainguard/cluster-autoscaler-1.34pkg:apk/chainguard/cluster-autoscaler-fips-1.33pkg:apk/chainguard/cluster-autoscaler-fips-1.34pkg:apk/chainguard/consul-1.21pkg:apk/chainguard/consul-fips-1.21pkg:apk/chainguard/consul-k8s-1.1pkg:apk/chainguard/consul-k8s-1.3pkg:apk/chainguard/consul-k8s-1.4pkg:apk/chainguard/consul-k8s-1.5pkg:apk/chainguard/consul-k8s-1.6pkg:apk/chainguard/consul-k8s-fips-1.1pkg:apk/chainguard/consul-k8s-fips-1.3pkg:apk/chainguard/consul-k8s-fips-1.4pkg:apk/chainguard/consul-k8s-fips-1.5pkg:apk/chainguard/consul-k8s-fips-1.6pkg:apk/chainguard/crossplane-aws-providerpkg:apk/chainguard/crossplane-aws-provider-fipspkg:apk/chainguard/dapr-daprd-1.15pkg:apk/chainguard/dapr-daprd-1.16pkg:apk/chainguard/dapr-daprd-fips-1.15pkg:apk/chainguard/dapr-daprd-fips-1.16pkg:apk/chainguard/datadog-agent-7.71-fullpkg:apk/chainguard/datadog-agent-7.77-fullpkg:apk/chainguard/datadog-agent-7.78-fullpkg:apk/chainguard/datadog-agent-7.79-fullpkg:apk/chainguard/datadog-agent-fips-7.71-fullpkg:apk/chainguard/datadog-agent-fips-7.77-fullpkg:apk/chainguard/datadog-agent-fips-7.78-fullpkg:apk/chainguard/datadog-agent-fips-7.79-fullpkg:apk/chainguard/distributionpkg:apk/chainguard/distribution-fipspkg:apk/chainguard/dronepkg:apk/chainguard/drone-fipspkg:apk/chainguard/elastic-agent-8.19pkg:apk/chainguard/elastic-agent-fips-8.19pkg:apk/chainguard/elastic-otel-collector-9.4pkg:apk/chainguard/elastic-otel-collector-fips-9.4pkg:apk/chainguard/external-secrets-fipspkg:apk/chainguard/external-secrets-operator-2.2pkg:apk/chainguard/external-secrets-operator-2.3pkg:apk/chainguard/external-secrets-operator-2.4pkg:apk/chainguard/external-secrets-operator-2.5pkg:apk/chainguard/external-secrets-operator-2.6pkg:apk/chainguard/external-secrets-operator-2.7pkg:apk/chainguard/external-secrets-operator-fips-2.2pkg:apk/chainguard/external-secrets-operator-fips-2.3pkg:apk/chainguard/external-secrets-operator-fips-2.4pkg:apk/chainguard/external-secrets-operator-fips-2.5pkg:apk/chainguard/external-secrets-operator-fips-2.6pkg:apk/chainguard/external-secrets-operator-fips-2.7pkg:apk/chainguard/flaggerpkg:apk/chainguard/flagger-fipspkg:apk/chainguard/flytepkg:apk/chainguard/gatekeeper-3.21pkg:apk/chainguard/gatekeeper-3.22pkg:apk/chainguard/gatekeeper-fips-3.21pkg:apk/chainguard/gatekeeper-fips-3.22pkg:apk/chainguard/gitlab-container-registry-18.10pkg:apk/chainguard/gitlab-container-registry-18.11pkg:apk/chainguard/gitlab-container-registry-19.0pkg:apk/chainguard/gitlab-container-registry-19.1pkg:apk/chainguard/gitlab-container-registry-fips-18.10pkg:apk/chainguard/gitlab-container-registry-fips-18.11pkg:apk/chainguard/gitlab-container-registry-fips-19.0pkg:apk/chainguard/gitlab-container-registry-fips-19.1pkg:apk/chainguard/gitlab-docker-machine-18.10pkg:apk/chainguard/gitlab-docker-machine-18.11pkg:apk/chainguard/gitlab-docker-machine-19.0pkg:apk/chainguard/gitlab-docker-machine-19.1pkg:apk/chainguard/gitlab-docker-machine-fips-18.10pkg:apk/chainguard/gitlab-docker-machine-fips-18.11pkg:apk/chainguard/gitlab-docker-machine-fips-19.0pkg:apk/chainguard/gitlab-docker-machine-fips-19.1pkg:apk/chainguard/gitnesspkg:apk/chainguard/gitsignpkg:apk/chainguard/go-getter-2pkg:apk/chainguard/go-getter-2.1pkg:apk/chainguard/go-getter-2.2pkg:apk/chainguard/go-getter-2-fipspkg:apk/chainguard/gomplate-4pkg:apk/chainguard/gomplate-5pkg:apk/chainguard/gomplate-fips-4pkg:apk/chainguard/gomplate-fips-5pkg:apk/chainguard/google-cloud-otel-ops-collectorpkg:apk/chainguard/gostatsdpkg:apk/chainguard/grafana-10.1pkg:apk/chainguard/grafana-11.6pkg:apk/chainguard/grafana-12.2pkg:apk/chainguard/grafana-12.3pkg:apk/chainguard/grafana-12.4pkg:apk/chainguard/grafana-13.0pkg:apk/chainguard/grafana-13.1pkg:apk/chainguard/grafana-agent-operatorpkg:apk/chainguard/grafana-fips-11.6pkg:apk/chainguard/grafana-fips-12.2pkg:apk/chainguard/grafana-fips-12.3pkg:apk/chainguard/grafana-fips-12.4pkg:apk/chainguard/grafana-fips-13.0pkg:apk/chainguard/grafana-fips-13.1pkg:apk/chainguard/grafana-mimir-2.17pkg:apk/chainguard/grafana-mimir-2.17-mimirtool-2.17pkg:apk/chainguard/grafana-mimir-3.0pkg:apk/chainguard/grafana-mimir-3.0-mimirtool-3.0pkg:apk/chainguard/grafana-mimir-fips-2.17pkg:apk/chainguard/grafana-mimir-fips-3.0pkg:apk/chainguard/grafana-pyroscope-1.12pkg:apk/chainguard/grafana-pyroscope-1.13pkg:apk/chainguard/grafana-pyroscope-1.14pkg:apk/chainguard/greptpkg:apk/chainguard/grept-fipspkg:apk/chainguard/guacgqlpkg:apk/chainguard/harbor-2.13pkg:apk/chainguard/harbor-2.13-jobservicepkg:apk/chainguard/harbor-2.13-registryctlpkg:apk/chainguard/harbor-2.14pkg:apk/chainguard/harbor-2.14-jobservicepkg:apk/chainguard/harbor-2.14-registryctlpkg:apk/chainguard/harbor-2.15pkg:apk/chainguard/harbor-2.15-jobservicepkg:apk/chainguard/harbor-2.15-registryctlpkg:apk/chainguard/harbor-fips-2.13pkg:apk/chainguard/harbor-fips-2.13-jobservicepkg:apk/chainguard/harbor-fips-2.13-registryctlpkg:apk/chainguard/harbor-fips-2.14pkg:apk/chainguard/harbor-fips-2.14-jobservicepkg:apk/chainguard/harbor-fips-2.14-registryctlpkg:apk/chainguard/harbor-fips-2.15pkg:apk/chainguard/harbor-fips-2.15-jobservicepkg:apk/chainguard/harbor-fips-2.15-registryctlpkg:apk/chainguard/harbor-registrypkg:apk/chainguard/harbor-registry-fipspkg:apk/chainguard/harvesterpkg:apk/chainguard/harvester-fipspkg:apk/chainguard/harvester-fips-webhookpkg:apk/chainguard/harvester-webhookpkg:apk/chainguard/influxd-2.7pkg:apk/chainguard/juicefs-1.2pkg:apk/chainguard/k3dpkg:apk/chainguard/k3d-proxypkg:apk/chainguard/k3d-toolspkg:apk/chainguard/k8sgptpkg:apk/chainguard/k8s-image-swapperpkg:apk/chainguard/k8s-image-swapper-fipspkg:apk/chainguard/karpenter-0.33pkg:apk/chainguard/karpenter-0.34pkg:apk/chainguard/karpenter-0.35pkg:apk/chainguard/karpenter-0.36pkg:apk/chainguard/karpenter-0.37pkg:apk/chainguard/karpenter-fips-0.33pkg:apk/chainguard/karpenter-fips-0.34pkg:apk/chainguard/karpenter-fips-0.35pkg:apk/chainguard/karpenter-fips-0.36pkg:apk/chainguard/karpenter-fips-0.37pkg:apk/chainguard/kfp-driverpkg:apk/chainguard/kiampkg:apk/chainguard/kserve-agentpkg:apk/chainguard/kserve-agent-fipspkg:apk/chainguard/kserve-localmodelpkg:apk/chainguard/kserve-localmodelnode-agentpkg:apk/chainguard/kserve-localmodelnode-agent-fipspkg:apk/chainguard/kserve-managerpkg:apk/chainguard/kserve-manager-fipspkg:apk/chainguard/kserve-modelmesh-servingpkg:apk/chainguard/kserve-routerpkg:apk/chainguard/kube-arangodb-1.4pkg:apk/chainguard/kube-arangodb-fips-1.4pkg:apk/chainguard/kubectl-argo-rolloutspkg:apk/chainguard/kubectl-argo-rollouts-fipspkg:apk/chainguard/kubeflow-pipelines-apiserverpkg:apk/chainguard/kubeflow-pipelines-driver-fipspkg:apk/chainguard/kubeflow-profile-controllerpkg:apk/chainguard/kubeflow-profile-controller-fipspkg:apk/chainguard/kubernetes-event-exporterpkg:apk/chainguard/kubernetes-event-exporter-fipspkg:apk/chainguard/kubescapepkg:apk/chainguard/kubescape-operatorpkg:apk/chainguard/kubescape-operator-fipspkg:apk/chainguard/kubescape-serverpkg:apk/chainguard/kubescape-server-downloaderpkg:apk/chainguard/kubescape-server-fipspkg:apk/chainguard/kubescape-server-fips-downloaderpkg:apk/chainguard/kubevirt-cdi-uploadserver-1.5pkg:apk/chainguard/kubevirt-cdi-uploadserver-1.59pkg:apk/chainguard/kubevirt-cdi-uploadserver-1.6pkg:apk/chainguard/kubevirt-cdi-uploadserver-fips-1.5pkg:apk/chainguard/kubevirt-cdi-uploadserver-fips-1.59pkg:apk/chainguard/kubevirt-cdi-uploadserver-fips-1.6pkg:apk/chainguard/loki-fips-2.9pkg:apk/chainguard/loki-fips-2.9-logclipkg:apk/chainguard/loki-fips-2.9-loki-canarypkg:apk/chainguard/loki-fips-2.9-promtailpkg:apk/chainguard/loki-fips-3.4pkg:apk/chainguard/loki-fips-3.4-logclipkg:apk/chainguard/loki-fips-3.4-loki-canarypkg:apk/chainguard/loki-fips-3.4-promtailpkg:apk/chainguard/loki-fips-3.5pkg:apk/chainguard/loki-fips-3.5-logclipkg:apk/chainguard/loki-fips-3.5-loki-canarypkg:apk/chainguard/loki-fips-3.5-promtailpkg:apk/chainguard/loki-fips-3.6pkg:apk/chainguard/loki-fips-3.6-logclipkg:apk/chainguard/loki-fips-3.7pkg:apk/chainguard/loki-fips-3.7-logclipkg:apk/chainguard/longhorn-backing-image-manager-1.8pkg:apk/chainguard/longhorn-backing-image-manager-1.9pkg:apk/chainguard/longhorn-backing-image-manager-fips-1.8pkg:apk/chainguard/longhorn-backing-image-manager-fips-1.9pkg:apk/chainguard/longhorn-engine-1.8pkg:apk/chainguard/longhorn-engine-1.9pkg:apk/chainguard/longhorn-instance-manager-1.8pkg:apk/chainguard/longhorn-instance-manager-1.8-fipspkg:apk/chainguard/longhorn-instance-manager-1.9pkg:apk/chainguard/longhorn-instance-manager-1.9-fipspkg:apk/chainguard/mapotfpkg:apk/chainguard/mapotf-fipspkg:apk/chainguard/mattermost-10.11pkg:apk/chainguard/mattermost-fips-10.11pkg:apk/chainguard/metrics-agentpkg:apk/chainguard/metrics-agent-fipspkg:apk/chainguard/monstachepkg:apk/chainguard/neuvector-controllerpkg:apk/chainguard/neuvector-controller-fipspkg:apk/chainguard/neuvector-enforcerpkg:apk/chainguard/neuvector-enforcer-fipspkg:apk/chainguard/neuvector-scannerpkg:apk/chainguard/neuvector-scanner-fipspkg:apk/chainguard/neuvector-scanner-taskpkg:apk/chainguard/neuvector-scanner-task-fipspkg:apk/chainguard/neuvector-upgraderpkg:apk/chainguard/neuvector-upgrader-fipspkg:apk/chainguard/newrelic-nri-statsdpkg:apk/chainguard/node-problem-detector-0.8pkg:apk/chainguard/node-problem-detector-1.34pkg:apk/chainguard/node-problem-detector-1.35pkg:apk/chainguard/node-problem-detector-fips-0.8pkg:apk/chainguard/node-problem-detector-fips-1.34pkg:apk/chainguard/node-problem-detector-fips-1.35pkg:apk/chainguard/nrdot-collectorpkg:apk/chainguard/nrdot-collector-fipspkg:apk/chainguard/nrdot-collector-k8spkg:apk/chainguard/nrdot-collector-k8s-fipspkg:apk/chainguard/openbaopkg:apk/chainguard/openbao-fipspkg:apk/chainguard/opencostpkg:apk/chainguard/opencost-fipspkg:apk/chainguard/opentelemetry-collector-contribpkg:apk/chainguard/opentelemetry-collector-contrib-fipspkg:apk/chainguard/opentelemetry-collector-fipspkg:apk/chainguard/opentofu-1.9pkg:apk/chainguard/opentofu-fips-1.9pkg:apk/chainguard/packerpkg:apk/chainguard/packer-fipspkg:apk/chainguard/plutonopkg:apk/chainguard/plutono-fipspkg:apk/chainguard/porchpkg:apk/chainguard/porch-fipspkg:apk/chainguard/postgres-operatorpkg:apk/chainguard/postgres-operator-fipspkg:apk/chainguard/prometheus-3.12pkg:apk/chainguard/prometheus-3.5pkg:apk/chainguard/prometheus-fips-3.12pkg:apk/chainguard/prometheus-fips-3.5pkg:apk/chainguard/promxypkg:apk/chainguard/promxy-fipspkg:apk/chainguard/rancher-2.10pkg:apk/chainguard/rancher-2.11pkg:apk/chainguard/rancher-2.12pkg:apk/chainguard/rancher-2.13pkg:apk/chainguard/rancher-2.14pkg:apk/chainguard/rancher-agent-2.10pkg:apk/chainguard/rancher-agent-2.11pkg:apk/chainguard/rancher-agent-2.12pkg:apk/chainguard/rancher-agent-2.13pkg:apk/chainguard/rancher-agent-2.14pkg:apk/chainguard/rancher-machinepkg:apk/chainguard/rook-1.18pkg:apk/chainguard/rook-1.18-oci-compatpkg:apk/chainguard/rook-1.19pkg:apk/chainguard/rook-1.19-oci-compatpkg:apk/chainguard/rook-fips-1.18pkg:apk/chainguard/rook-fips-1.18-oci-compatpkg:apk/chainguard/rook-fips-1.19pkg:apk/chainguard/rook-fips-1.19-oci-compatpkg:apk/chainguard/rpk-25.1.12pkg:apk/chainguard/rpk-25.2.14pkg:apk/chainguard/rpk-25.3.15pkg:apk/chainguard/s5cmdpkg:apk/chainguard/s5cmd-fipspkg:apk/chainguard/seaweedfspkg:apk/chainguard/seaweedfs-fipspkg:apk/chainguard/seaweedfs-operatorpkg:apk/chainguard/seaweedfs-operator-fipspkg:apk/chainguard/seaweedfs-rocksdbpkg:apk/chainguard/seaweedfs-rocksdb-fipspkg:apk/chainguard/slsa-verifierpkg:apk/chainguard/splunk-otel-collectorpkg:apk/chainguard/splunk-otel-collector-fipspkg:apk/chainguard/steampipepkg:apk/chainguard/step-capkg:apk/chainguard/step-ca-fipspkg:apk/chainguard/tekton-chainspkg:apk/chainguard/tekton-chains-fipspkg:apk/chainguard/teleport-17pkg:apk/chainguard/teleport-17-operatorpkg:apk/chainguard/teleport-operator-fips-16pkg:apk/chainguard/teleport-operator-fips-17pkg:apk/chainguard/tempo-2.8pkg:apk/chainguard/tempo-2.8-clipkg:apk/chainguard/tempo-2.8-vulturepkg:apk/chainguard/tempo-2.9pkg:apk/chainguard/tempo-2.9-clipkg:apk/chainguard/tempo-2.9-vulturepkg:apk/chainguard/tempo-fips-2.8pkg:apk/chainguard/tempo-fips-2.8-clipkg:apk/chainguard/tempo-fips-2.8-vulturepkg:apk/chainguard/tempo-fips-2.9pkg:apk/chainguard/tempo-fips-2.9-clipkg:apk/chainguard/tempo-fips-2.9-vulturepkg:apk/chainguard/terraformpkg:apk/chainguard/terragruntpkg:apk/chainguard/terragrunt-fipspkg:apk/chainguard/tigera-operator-1.34pkg:apk/chainguard/tigera-operator-1.36pkg:apk/chainguard/tigera-operator-1.37pkg:apk/chainguard/tigera-operator-1.38pkg:apk/chainguard/tigera-operator-1.40pkg:apk/chainguard/tigera-operator-1.41pkg:apk/chainguard/tigera-operator-fips-1.29pkg:apk/chainguard/tigera-operator-fips-1.34pkg:apk/chainguard/tigera-operator-fips-1.36pkg:apk/chainguard/tigera-operator-fips-1.37pkg:apk/chainguard/tigera-operator-fips-1.38pkg:apk/chainguard/tigera-operator-fips-1.40pkg:apk/chainguard/tigera-operator-fips-1.41pkg:apk/chainguard/trillian-fips-logserverpkg:apk/chainguard/trillian-fips-logsignerpkg:apk/chainguard/trillian-logserverpkg:apk/chainguard/trillian-logsignerpkg:apk/chainguard/vault-1.16pkg:apk/chainguard/vault-2.0pkg:apk/chainguard/vault-benchmarkpkg:apk/chainguard/vault-envpkg:apk/chainguard/vault-fips-2.0pkg:apk/chainguard/vault-secrets-operatorpkg:apk/chainguard/vault-secrets-operator-fipspkg:apk/chainguard/vault-secrets-webhookpkg:apk/chainguard/verticadb-operatorpkg:apk/chainguard/verticadb-operator-fipspkg:apk/chainguard/wal-g-pgpkg:apk/chainguard/weaviatepkg:apk/wolfi/amazon-cloudwatch-agentpkg:apk/wolfi/argo-cd-3.2pkg:apk/wolfi/argo-cd-3.2-compatpkg:apk/wolfi/argo-cd-3.3pkg:apk/wolfi/argo-cd-3.3-compatpkg:apk/wolfi/argo-eventspkg:apk/wolfi/argo-rolloutspkg:apk/wolfi/aws-flb-cloudwatchpkg:apk/wolfi/aws-flb-firehosepkg:apk/wolfi/aws-flb-kinesispkg:apk/wolfi/aws-node-termination-handlerpkg:apk/wolfi/aws-nukepkg:apk/wolfi/aws-otel-collectorpkg:apk/wolfi/aws-s3-controllerpkg:apk/wolfi/aws-sigv4-proxypkg:apk/wolfi/bank-vaultspkg:apk/wolfi/cert-exporterpkg:apk/wolfi/certificate-transparency-trillian-ctserverpkg:apk/wolfi/chartmuseumpkg:apk/wolfi/cloud-sql-proxy-2.16pkg:apk/wolfi/cloud-sql-proxy-2.18pkg:apk/wolfi/cloud-sql-proxy-2.21pkg:apk/wolfi/cloud-sql-proxy-2.22pkg:apk/wolfi/cluster-autoscaler-1.33pkg:apk/wolfi/cluster-autoscaler-1.34pkg:apk/wolfi/consul-k8s-1.6pkg:apk/wolfi/dapr-daprd-1.15pkg:apk/wolfi/dapr-daprd-1.16pkg:apk/wolfi/datadog-agent-7.77-fullpkg:apk/wolfi/datadog-agent-7.78-fullpkg:apk/wolfi/datadog-agent-7.79-fullpkg:apk/wolfi/distributionpkg:apk/wolfi/external-secrets-operator-2.2pkg:apk/wolfi/external-secrets-operator-2.3pkg:apk/wolfi/external-secrets-operator-2.4pkg:apk/wolfi/external-secrets-operator-2.5pkg:apk/wolfi/external-secrets-operator-2.6pkg:apk/wolfi/flytepkg:apk/wolfi/gatekeeper-3.21pkg:apk/wolfi/gatekeeper-3.22pkg:apk/wolfi/gitlab-docker-machine-18.10pkg:apk/wolfi/gitlab-docker-machine-18.11pkg:apk/wolfi/gitlab-docker-machine-19.0pkg:apk/wolfi/gitlab-docker-machine-19.1pkg:apk/wolfi/gitnesspkg:apk/wolfi/gitsignpkg:apk/wolfi/gomplate-5pkg:apk/wolfi/gostatsdpkg:apk/wolfi/grafana-12.2pkg:apk/wolfi/grafana-12.3pkg:apk/wolfi/grafana-12.4pkg:apk/wolfi/grafana-13.0pkg:apk/wolfi/grafana-agent-operatorpkg:apk/wolfi/grafana-mimir-3.0pkg:apk/wolfi/grafana-mimir-3.0-mimirtool-3.0pkg:apk/wolfi/grafana-pyroscope-1.13pkg:apk/wolfi/guacgqlpkg:apk/wolfi/harbor-2.13pkg:apk/wolfi/harbor-2.13-jobservicepkg:apk/wolfi/harbor-2.13-registryctlpkg:apk/wolfi/harbor-2.14pkg:apk/wolfi/harbor-2.14-jobservicepkg:apk/wolfi/harbor-2.14-registryctlpkg:apk/wolfi/harbor-registrypkg:apk/wolfi/k3dpkg:apk/wolfi/k3d-proxypkg:apk/wolfi/k3d-toolspkg:apk/wolfi/k8sgptpkg:apk/wolfi/kserve-agentpkg:apk/wolfi/kserve-localmodelpkg:apk/wolfi/kserve-managerpkg:apk/wolfi/kserve-modelmesh-servingpkg:apk/wolfi/kserve-routerpkg:apk/wolfi/kube-arangodb-1.4pkg:apk/wolfi/kubectl-argo-rolloutspkg:apk/wolfi/kubeflow-pipelines-apiserverpkg:apk/wolfi/kubeflow-profile-controllerpkg:apk/wolfi/kubernetes-event-exporterpkg:apk/wolfi/kubescapepkg:apk/wolfi/kubescape-operatorpkg:apk/wolfi/mattermost-10.11pkg:apk/wolfi/metrics-agentpkg:apk/wolfi/neuvector-scannerpkg:apk/wolfi/neuvector-scanner-taskpkg:apk/wolfi/newrelic-nri-statsdpkg:apk/wolfi/node-problem-detector-0.8pkg:apk/wolfi/node-problem-detector-1.35pkg:apk/wolfi/openbaopkg:apk/wolfi/opencostpkg:apk/wolfi/opentelemetry-collector-contribpkg:apk/wolfi/opentofu-1.9pkg:apk/wolfi/postgres-operatorpkg:apk/wolfi/prometheus-3.12pkg:apk/wolfi/prometheus-3.5pkg:apk/wolfi/promxypkg:apk/wolfi/rancher-2.11pkg:apk/wolfi/rancher-2.12pkg:apk/wolfi/rancher-2.13pkg:apk/wolfi/rancher-2.14pkg:apk/wolfi/rancher-agent-2.11pkg:apk/wolfi/rancher-agent-2.12pkg:apk/wolfi/rancher-agent-2.13pkg:apk/wolfi/rancher-agent-2.14pkg:apk/wolfi/rancher-machinepkg:apk/wolfi/rook-1.19pkg:apk/wolfi/rook-1.19-oci-compatpkg:apk/wolfi/s5cmdpkg:apk/wolfi/seaweedfspkg:apk/wolfi/slsa-verifierpkg:apk/wolfi/splunk-otel-collectorpkg:apk/wolfi/steampipepkg:apk/wolfi/step-capkg:apk/wolfi/tekton-chainspkg:apk/wolfi/teleport-17pkg:apk/wolfi/terraformpkg:apk/wolfi/terragruntpkg:apk/wolfi/tigera-operator-1.37pkg:apk/wolfi/tigera-operator-1.38pkg:apk/wolfi/tigera-operator-1.40pkg:apk/wolfi/tigera-operator-1.41pkg:apk/wolfi/trillian-logserverpkg:apk/wolfi/trillian-logsignerpkg:apk/wolfi/vault-benchmarkpkg:apk/wolfi/vault-envpkg:apk/wolfi/vault-secrets-webhookpkg:apk/wolfi/verticadb-operatorpkg:apk/wolfi/wal-g-pgpkg:apk/wolfi/weaviatepkg:golang/github.com/aws/aws-sdk-gopkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
< 0+ 546 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 5.5.2-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 5.6.0-r11
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.34.0
- (no CPE)range: < 0.0.20241119T173509-1.1
- Google LLC/AWS S3 Crypto SDK for GoLangv5Range: stable
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-f5pg-7wfw-84q9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-8911ghsaADVISORY
- aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/ghsax_refsource_CONFIRMWEB
- bugzilla.redhat.com/show_bug.cgighsaWEB
- github.com/aws/aws-sdk-go/commit/1e84382fa1c0086362b5a4b68e068d4f8518d40eghsaWEB
- github.com/aws/aws-sdk-go/commit/ae9b9fd92af132cfd8d879809d8611825ba135f4ghsaWEB
- github.com/aws/aws-sdk-go/pull/3403ghsaWEB
- github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9ghsax_refsource_CONFIRMWEB
- github.com/sophieschmieg/exploits/tree/master/aws_s3_crypto_pocghsaWEB
- pkg.go.dev/vuln/GO-2022-0646ghsaWEB
News mentions
0No linked articles in our index yet.