45 matches found
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: packer-fips, gcp-compute-persistent-disk-csi-driver-fips, redpanda, eck-operator-fips, trident-fips, crossplane-provider-azure-signalrservice, spire-server, k8s-agents-operator-fips, temporal-server-fips, ansible-operator-fips, containerd-fips, grype-db,...
Important: amazon-cloudwatch-agent
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
CLEANSTART-2026-GA28186 Security fixes for CVE-2026-41602 applied in versions: 1.300066.1-r0
Security vulnerability affects the amazon-cloudwatch-agent package. This issue is resolved in later releases. See references for vulnerability details...
OPENSUSE-SU-2026:10699-1 amazon-cloudwatch-agent-1.300066.1-1.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-38516
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: modelmesh-runtime-adapter, crossplane-provider-aws-s3, crossplane-provider-aws-eks, crossplane-provider-aws-kms, src, metallb, kubernetes-csi-driver-hostpath, crossplane-provider-aws-lambda, crossplane-provider-aws-dynamodb, crossplane-provider-aws-route53,...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3248 (ALAS-2026-3248)
"The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300064.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3248 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty-fips, gcp-compute-persistent-disk-csi-driver-fips, kube-fluentd-operator, langfuse-fips, prometheus-elasticsearch-exporter-fips, redpanda, esbuild, policy-bot, spire-server, ipfs-cluster-fips, minc, spire-controller-manager-fips,...
amazon-cloudwatch-agent-1.300064.0-2.1 on GA media (moderate)
amazon-cloudwatch-agent-1.300064.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10420-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6...
Medium: amazon-cloudwatch-agent
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Medium: amazon-cloudwatch-agent
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Low: amazon-cloudwatch-agent
Issue Overview: No CVE associated with this advisory Affected Packages: amazon-cloudwatch-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...
Low: amazon-cloudwatch-agent
Issue Overview: No CVE associated with this advisory Affected Packages: amazon-cloudwatch-agent Issue Correction: Run dnf update amazon-cloudwatch-agent --releasever 2023.10.20260216 or dnf update --advisory ALAS2023-2026-1442 --releasever 2023.10.20260216 to update your system. More information ...
GHSA-XVQR-69V8-F3GV vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, croc, nri-cassandra, nri-memcached, crossplane-provider-aws-s3, go-jsonnet, src, openbao-k8s, authservice, telegraf, cluster-autoscaler, manifest-tool, kube-arangodb, mountpoint-s3-csi-driver, azure-service-operator, wuzz,...
CVE-2025-61726 vulnerabilities
Vulnerabilities for packages: calico, gcp-compute-persistent-disk-csi-driver, grpcurl, modelmesh-runtime-adapter, pguser, sftpgo-plugin-geoipfilter, chisel, croc, sriov-network-device-plugin, xeol, crossplane-provider-aws-s3, ksops, maru, kubelet-csr-approver, src, openbao-k8s,...
GHSA-GR56-3GP6-6GMJ vulnerabilities
Vulnerabilities for packages: calico, gcp-compute-persistent-disk-csi-driver, grpcurl, modelmesh-runtime-adapter, pguser, sftpgo-plugin-geoipfilter, chisel, croc, sriov-network-device-plugin, xeol, crossplane-provider-aws-s3, ksops, maru, kubelet-csr-approver, src, openbao-k8s,...
Medium: amazon-cloudwatch-agent
Issue Overview: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065 Affected Packages: amazon-cloudwatch-agent Issue Correction: Run dnf update amazon-cloudwatch-agent --releasever 2023.9.20251014 or dnf update --advisory ALAS2023-2025-1224...
EUVD-2022-7662
Malicious code in bioql PyPI...
Amazon Linux 2 : amazon-cloudwatch-agent (ALAS-2025-2904)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300055.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2904 advisory. The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus...
Medium: amazon-cloudwatch-agent
Issue Overview: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result i...