VDB

GCVE-110-CLOUD-2008-0001

GCVE-110-CLOUD-2008-0001
Advisory Published
Vulnetix · Advisory published December 18, 2008
When making authenticated API requests to AWS, the requests must be signed with your AWS access key. The initial signing algorithm, SigV1, was vulnerable to collisions. A person-in-the-middle attack would be able to modify signed requests via specially constructed collisions.

Affected Products

VendorProductVersionsPlatforms
AWSCloud Services

References

advisory

Browse GCVE Records

73,866 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›