VYPR

Go modules package

github.com/aws/amazon-s3-encryption-client-go/v3

pkg:golang/github.com/aws/amazon-s3-encryption-client-go/v3

Vulnerabilities (1)

  • CVE-2025-14764MedDec 17, 2025
    affected < 4.0.0fixed 4.0.0

    Missing cryptographic key commitment in the Amazon S3 Encryption Client for Go may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata r