CNNVD-202601-1738 Information

CNNVD ID

CNNVD-202601-1738

Related CVE

CVE-2026-22611

• CNNVD Published: 2026-01-10

Description (Chinese)

AWS SDK for .NET是Amazon Web Services开源的一个开发者套件。 AWS SDK for .NET 4.0.0版本至4.0.3.3之前版本存在输入验证错误漏洞，该漏洞源于区域输入字段可被设置为无效值，可能导致AWS API调用被错误路由。

Description (English)

AWS SDK for.NET is a developer package for Amazon Web Services open source. AWS SDK for.NET version 4.0.0 to 4.0.3.3 has an input validation error loophole, which arises from the fact that the area input field can be set to invalid, which may lead to the AWS API call being misrouted.

Hazard Level

Critical

Vulnerability Type

输入验证错误

Affected Vendor

Amazon Web Services

Published

2026-01-10

Last Modified

2026-02-24

References

https://github.com/aws/aws-sdk-net/security/advisories/GHSA-9cvc-h2w8-phrp https://access.redhat.com/security/cve/cve-2026-22611

Patch

https://github.com/aws/aws-sdk-net/releases