Aws Aws-lc-fips
2 CVEs affecting Aws Aws-lc-fips. Latest disclosed: 2026-03-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4428 | High | 7.4 | 2026-03-19 | A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a… |
CVE-2026-3337 | Medium | 5.9 | 2026-03-02 | Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing an… |