807 matches found
Important: compat-libtiff3
Issue Overview: Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Affected Packages: compat-libtiff3 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correctio...
Important: gegl
Issue Overview: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10921 Affected Packages: gegl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-50410 In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev...
Medium: openssl
Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...
Medium: edk2
Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...
Critical: 389-ds-base
Issue Overview: A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM...
Amazon Linux 2 : 389-ds-base, --advisory ALAS2-2025-3025 (ALAS-2025-3025)
The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3025 advisory. A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to...
Amazon Linux 2 : ipa, --advisory ALAS2-2025-3026 (ALAS-2025-3026)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3026 advisory. A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While...
Amazon Linux 2 : cups, --advisory ALAS2-2025-3012 (ALAS-2025-3012)
The version of cups installed on the remote host is prior to 1.6.3-51. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3012 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, ...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3008 (ALAS-2025-3008)
The version of thunderbird installed on the remote host is prior to 140.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3008 advisory. Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 143,...
Amazon Linux 2 : openjpeg2, --advisory ALAS2-2025-3007 (ALAS-2025-3007)
The version of openjpeg2 installed on the remote host is prior to 2.4.0-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3007 advisory. openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. CVE-2025-50952 Tenable ha...
Amazon Linux 2 : LibRaw, --advisory ALAS2-2025-3016 (ALAS-2025-3016)
The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3016 advisory. There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitra...
Amazon Linux 2 : GraphicsMagick, --advisory ALAS2GRAPHICSMAGICK1.3-2025-004 (ALASGRAPHICSMAGICK1.3-2025-004)
The version of GraphicsMagick installed on the remote host is prior to 1.3.45-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GRAPHICSMAGICK1.3-2025-004 advisory. ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits...
Amazon Linux 2 : optipng, --advisory ALAS2-2025-3011 (ALAS-2025-3011)
The version of optipng installed on the remote host is prior to 0.7.7-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3011 advisory. OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. CVE-2023-43907 Tenable ha...
Amazon Linux 2 : kernel, --advisory ALAS2-2025-3013 (ALAS-2025-3013)
The version of kernel installed on the remote host is prior to 4.14.355-280.695. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3013 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling CVE-2022-50053 ...
Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-043 (ALASFIREFOX-2025-043)
The version of firefox installed on the remote host is prior to 140.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-043 advisory. Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 143,...
Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2025-3010 (ALAS-2025-3010)
The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3050.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3010 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line...
Medium: LibRaw
Issue Overview: There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system. CVE-2021-3624 Affected Packages: LibRaw Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Medium: openjpeg2
Issue Overview: openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. CVE-2025-50952 Affected Packages: openjpeg2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core a...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX CVE-2022-48827 In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix iasize underflow CVE-2022-48828 In the Linux kernel, the following...