Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3123 (ALAS-2026-3123)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3123 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version...

Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3122 (ALAS-2026-3122)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3122 advisory. A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function...

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3126 (ALAS-2026-3126)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3126 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to...

Medium: python-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage an...

Medium: usbmuxd

Issue Overview: A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user. CVE-2025-66004 Affected Packages: usbmuxd Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extra...

Important: kernel-livepatch-5.10.245-241.976

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/ip6tunnel: Prevent perpetual tunnel growth CVE-2025-40173 Affected Packages: kernel-livepatch-5.10.245-241.976 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Important: qt5-qtbase

Issue Overview: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component ...

Medium: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick's Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family...

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2025-3121 (ALAS-2025-3121)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3572.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3121 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy...

Amazon Linux 2 : grub2, --advisory ALAS2-2025-3107 (ALAS-2025-3107)

The version of grub2 installed on the remote host is prior to 2.06-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3107 advisory. A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS...

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-082 (ALASNITRO-ENCLAVES-2025-082)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-082 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-096 (ALASKERNEL-5.15-2025-096)

The version of kernel installed on the remote host is prior to 5.15.197-138.220. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-096 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicat...

Amazon Linux 2 : python-tornado, --advisory ALAS2-2025-3106 (ALAS-2025-3106)

The version of python-tornado installed on the remote host is prior to 4.2.1-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3106 advisory. Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied...

Amazon Linux 2 : libvirt, --advisory ALAS2-2025-3115 (ALAS-2025-3115)

The version of libvirt installed on the remote host is prior to 4.5.0-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3115 advisory. A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was perform...

Amazon Linux 2 : qt5-qtbase, --advisory ALAS2-2025-3102 (ALAS-2025-3102)

The version of qt5-qtbase installed on the remote host is prior to 5.15.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3102 advisory. Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Q...

Amazon Linux 2 : libpng, --advisory ALAS2-2025-3112 (ALAS-2025-3112)

The version of libpng installed on the remote host is prior to 1.5.13-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3112 advisory. A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed...

Amazon Linux 2 : httpd, --advisory ALAS2-2025-3099 (ALAS-2025-3099)

The version of httpd installed on the remote host is prior to 2.4.66-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3099 advisory. An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2025-080 (ALASNITRO-ENCLAVES-2025-080)

The version of oci-add-hooks installed on the remote host is prior to 0-0.6.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-080 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2025-086 (ALASECS-2025-086)

The version of oci-add-hooks installed on the remote host is prior to 0-0.6.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-086 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain...

Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3108 (ALAS-2025-3108)

The version of thunderbird installed on the remote host is prior to 140.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3108 advisory. Race condition in the Graphics component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR...