VYPR

NuGet package

amazon.extensions.s3.encryption

pkg:nuget/amazon.extensions.s3.encryption

Vulnerabilities (1)

  • CVE-2025-14759MedDec 17, 2025
    affected < 3.2.0fixed 3.2.0

    Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata