VYPR

RubyGems package

aws-sdk-s3

pkg:gem/aws-sdk-s3

Vulnerabilities (1)

  • CVE-2025-14762MedDec 17, 2025
    affected < 1.208.0fixed 1.208.0

    Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitiga