Vulnerabilities > Amazon > AWS Encryption SDK
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2024-23680 | Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures. | 5.3 |
| 2020-11-16 | CVE-2020-8897 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS Encryption SDK A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. | 8.1 |