CVE-2025-14762 - AWS SDK for Ruby Cryptographic Key Commitment Vulnerability

CVE ID : CVE-2025-14762 Published : Dec. 17, 2025, 8:15 p.m. | 37 minutes ago Description : The AWS SDK for Ruby is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an

Source: Telegram CVE Monitor