CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Amazon Aws3Aws Lc Sys Aws LibcryptoAws LibcryptoMar 11, 2026 Mar 2, 2026 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not n...Show more |
2Amazon Aws4Aws Lc Fips Sys Aws Lc SysAws Libcrypto+1 moreMar 11, 2026 Mar 2, 2026 8.2 HIGH· v4 5.9 MEDIUM· v3 N/A· v2 Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP...Show more |
2Amazon Aws3Aws Lc Sys Aws LibcryptoAws LibcryptoMar 11, 2026 Mar 2, 2026 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers...Show more |