Amazon Aws Software Development Kit — known CVE vulnerabilities
Every CVE whose affected-product data names Amazon Aws Software Development Kit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-19981 — CVSS 7.2 (high): Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS…
CVE-2023-51651 — CVSS 6.0 (medium): AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes…
CVE-2022-4725 — CVSS 5.5 (medium): A vulnerability was found in AWS SDK 2.59.0. It has been rated as critical. This issue affects the function XpathUtils of the file…
CVE-2022-2582 — CVSS 4.3 (medium): The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to…