Important: qt5-qtsvg
Issue Overview: The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use after free. CVE-2025-10729 Affected Packages: qt5-qtsvg Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Low: compat-libtiff3
Issue Overview: A vulnerability was identified in LibTIFF 4.7.0. This issue affects the function May of the file tiffcrop.c of the component tiffcrop. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be...
Important: xmlrpc-c
Issue Overview: libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. Considering the tradeoff between the stability of Amazon Linux and the impact of CVE-2023-52425...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows information disclosure. This potentially allows a remote client to identify security tokens or credentials used internally by a web...
Important: sssd
Issue Overview: A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling CVE-2022-50053 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX CVE-2025-38201 Affected Packages:...
Medium: libxslt
Issue Overview: A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash. CVE-2025-10911 Affected Packages: libxslt Issue Correction: Run dnf update libxslt --releasever 2023.9.20251027 or dnf update...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration CVE-2025-38248 In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal...
Low: docker
Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...
Amazon Linux 2023 : aspnetcore-runtime-9.0, aspnetcore-runtime-dbg-9.0, aspnetcore-targeting-pack-9.0 (ALAS2023-2025-1231)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1231 advisory. Improper link resolution before file access 'link following' in .NET allows an authorized attacker to elevate privileges locally. CVE-2025-55247 Inadequate encryption strength in .NET, .NET...
Critical: dotnet8.0
Issue Overview: Improper link resolution before file access 'link following' in .NET allows an authorized attacker to elevate privileges locally. CVE-2025-55247 Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a...
Amazon Linux 2023 : cuda-opencl-13, cuda-opencl-devel-13 (ALAS2023NVIDIA-2025-169)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-169 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successfu...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2025-071 (ALASNITRO-ENCLAVES-2025-071)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-071 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potential...
Amazon Linux 2 : ghostscript, --advisory ALAS2-2025-3018 (ALAS-2025-3018)
The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3018 advisory. Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c...
Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2025-1215)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1215 advisory. Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has no...
Amazon Linux 2 : openssl, --advisory ALAS2-2025-3034 (ALAS-2025-3034)
The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3034 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...
Amazon Linux 2023 : libnvjpeg-13, libnvjpeg-devel-13 (ALAS2023NVIDIA-2025-150)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-150 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successfu...
Amazon Linux 2 : gegl, --advisory ALAS2-2025-3030 (ALAS-2025-3030)
The version of gegl installed on the remote host is prior to 0.2.0-19. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3030 advisory. GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10921 Tenable has extracted the precedi...
Amazon Linux 2023 : nvidia-gds-12 (ALAS2023NVIDIA-2025-196)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-196 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...
Amazon Linux 2023 : libcublas-12, libcublas-devel-12 (ALAS2023NVIDIA-2025-204)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-204 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...