aws/aws-sdk-php

Packagist3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting aws/aws-sdk-phppage 1 of 1

CVE-2015-5723HIGHCVSS 7.8EG 7.8✓ Fixed in 3.2.1
2016-06-07
vulnerable: 3.0.0 ... 3.2.0 (10 versions)
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writa…
CVE-2023-51651MEDIUMCVSS 6.0EG 6.0✓ Fixed in 3.288.1
2023-12-22
vulnerable: 2.0.0 ... 3.99.4 (1831 versions)
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpo…
CVE-2025-14761MEDIUMCVSS 5.3EG 5.3✓ Fixed in 3.368.0
2025-12-17
vulnerable: 2.0.0 ... 3.99.4 (2340 versions)
Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" inst…

Check whether aws/aws-sdk-php is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aws/aws-sdk-php CVEs against the assets you own.

Start Free Scan →