漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
Vulnerability Description
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AWS SDK for Android 加密问题漏洞
Vulnerability Description
AWS SDK for Android是AWS Amplify开源的一个适用于 Android的 AWS SDK。 AWS SDK for Android 存在安全漏洞,该漏洞源于将明文的未加密哈希与密文一起作为元数据字段发送。 如果攻击者可读该散列,则该散列可用于暴力破解明文。
CVSS Information
N/A
Vulnerability Type
N/A