{"id":"PYSEC-2020-261","details":"A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers such as AES-GCM-SIV or (X)ChaCha20Poly1305) used by the SDKs to encrypt messages, an attacker can craft a unique cyphertext which will decrypt to multiple different results, and becomes especially relevant in a multi-recipient setting. We recommend users update their SDK to 2.0.0 or later.","aliases":["CVE-2020-8897","GHSA-wqgp-vphw-hphf"],"modified":"2025-10-09T06:53:18.019386Z","published":"2020-11-16T12:15:00Z","references":[{"type":"ARTICLE","url":"https://aws.amazon.com/blogs/security/improved-client-side-encryption-explicit-keyids-and-key-commitment/"},{"type":"ADVISORY","url":"https://github.com/google/security-research/security/advisories/GHSA-wqgp-vphw-hphf"}],"affected":[{"package":{"name":"aws-encryption-sdk","ecosystem":"PyPI","purl":"pkg:pypi/aws-encryption-sdk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0"}]}],"versions":["1.2.0","1.2.2","1.3.0","1.3.1","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7","1.3.8","1.4.0","1.4.1","1.7.1","1.9.0","1.10.0","1.10.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/aws-encryption-sdk/PYSEC-2020-261.yaml"}}],"schema_version":"1.7.3"}