19Oca
CVE-2024-23680 | Amazon AWS Encryption SDK for Java up to 1.9.0/2.2.0 ECDSA Signature signature verification
A vulnerability, which was classified as problematic, was found in Amazon AWS Encryption SDK for Java up to 1.9.0/2.2.0. This affects an unknown part of the component ECDSA Signature Handler. The manipulation leads to improper verification of cryptographic signature. This vulnerability is uniquely identified as CVE-2024-23680. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.