Intel

AIKIDO-2026-449465

aws-java-sdk-s3 is vulnerable to Use of Unmaintained Third Party Components

Use of Unmaintained Third Party Components Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published Jun 29, 2026

50

Medium Risk

This Affects:

Are you affected? Scan for Free

TL;DR

The com.amazonaws:aws-java-sdk-s3 package is no longer maintained.

Who does this affect?

You are affected if you are using this package.

Background info

aws-java-sdk-s3 is vulnerable to Use of Unmaintained Third Party Components in all versions.

How to fix this

Remove any com.amazonaws:aws-java-sdk-s3 package from your application and upgrade to software.amazon.awssdk:s3.