GMS-2020-6: CLI does not correctly implement strict mode
(updated )
In the affected versions, the AWS Encryption CLI operated in “discovery mode” even when “strict mode” was specified. Although decryption only succeeded if the user had permission to decrypt with at least one of the CMKs, decryption could be successful using a CMK that was not included in the user-defined set when the CLI was operating in “strict mode.”
Affected users should upgrade to Encryption CLI v1.8.x or v2.1.x as soon as possible.
References
Detect and mitigate GMS-2020-6 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →