Important: glib2
Issue Overview: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the...
Amazon Linux 2 : glib2, --advisory ALAS2-2025-3094 (ALAS-2025-3094)
The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3094 advisory. A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string...
Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2025-021 (ALASPOSTGRESQL14-2025-021)
The version of postgresql installed on the remote host is prior to 14.20-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2025-021 advisory. Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of...
Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-048 (ALASFIREFOX-2025-048)
The version of firefox installed on the remote host is prior to 140.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-048 advisory. A heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-115 (ALASKERNEL-5.4-2025-115)
The version of kernel installed on the remote host is prior to 5.4.301-221.450. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2025-115 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops->opnum ==...
Amazon Linux 2 : unbound, --advisory ALAS2-2025-3095 (ALAS-2025-3095)
The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3095 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...
Amazon Linux 2 : kernel, --advisory ALAS2-2025-3090 (ALAS-2025-3090)
The version of kernel installed on the remote host is prior to 4.14.355-280.710. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3090 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops->opnum == OP_ILLEGAL...
Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-047 (ALASFIREFOX-2025-047)
The version of firefox installed on the remote host is prior to 140.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-047 advisory. Race condition in the Graphics component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox E...
Amazon Linux 2 : bind, --advisory ALAS2-2025-3093 (ALAS-2025-3093)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3093 advisory. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data...
Amazon Linux 2 : python-kdcproxy, --advisory ALAS2-2025-3085 (ALAS-2025-3085)
The version of python-kdcproxy installed on the remote host is prior to 0.3.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3085 advisory. If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by...
Amazon Linux 2 : curl, --advisory ALAS2-2025-3088 (ALAS-2025-3088)
The version of curl installed on the remote host is prior to 8.3.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3088 advisory. wcurl path traversal with percent-encoded slashes: URLs containing percent-encoded slashes / or \ can trick wcurl into saving the outpu...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3091 (ALAS-2025-3091)
The version of thunderbird installed on the remote host is prior to 140.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3091 advisory. A heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with...
Amazon Linux 2 : audiofile, --advisory ALAS2-2025-3087 (ALAS-2025-3087)
The version of audiofile installed on the remote host is prior to 0.3.6-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3087 advisory. Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function. CVE-2025-50950 Tenabl...
Amazon Linux 2 : cups-filters, --advisory ALAS2-2025-3082 (ALAS-2025-3082)
The version of cups-filters installed on the remote host is prior to 1.0.35-26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3082 advisory. CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the...
Amazon Linux 2 : containerd, --advisory ALAS2ECS-2025-084 (ALASECS-2025-084)
The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-084 advisory. containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta...
Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2025-078 (ALASNITRO-ENCLAVES-2025-078)
The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-078 advisory. containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6,...
Amazon Linux 2 : containerd, --advisory ALAS2DOCKER-2025-086 (ALASDOCKER-2025-086)
The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-086 advisory. containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6,...
Medium: containerd
Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
GHSA-G7RM-8PW5-WVG2 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-azure, linux-aws...