VYPR

Packagist (Composer) package

craftcms/aws-s3

pkg:composer/craftcms/aws-s3

Vulnerabilities (1)

  • CVE-2026-32265MedMar 18, 2026
    affected >= 2.0.2, < 2.2.5fixed 2.2.5

    The Amazon S3 for Craft CMS plugin provides an Amazon S3 integration for Craft CMS. In versions 2.0.2 through 2.2.4, unauthenticated users can view a list of buckets the plugin has access to. The `BucketsController->actionLoadBucketData()` endpoint allows unauthenticated users wi