VYPR

Amazon S3 Encryption Client Go

by AWS

Source repositories

CVEs (1)

  • CVE-2025-14764MedDec 17, 2025
    risk 0.27cvss 5.3epss 0.00

    Missing cryptographic key commitment in the Amazon S3 Encryption Client for Go may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata…