Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-123 (ALASDOCKER-2026-123)

The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-123 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C...

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2026-3311 (ALAS-2026-3311)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3311 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta...

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-104 (ALASNITRO-ENCLAVES-2026-104)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-104 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C...

Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3310 (ALAS-2026-3310)

The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3310 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta...

Amazon Linux 2 : containerd, --advisory ALAS2DOCKER-2026-120 (ALASDOCKER-2026-120)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-120 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory...

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2026-117 (ALASECS-2026-117)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-117 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Amazon Linux 2 : golang, --advisory ALAS2-2026-3313 (ALAS-2026-3313)

The version of golang installed on the remote host is prior to 1.25.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3313 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

Amazon Linux 2023 : git-lfs (ALAS2023-2026-1722)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1722 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value refresh. A new GODEBU...

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-121 (ALASDOCKER-2026-121)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-121 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1743)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1743 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1753)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1753 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault CVE-2026-31456 In the Linux kernel, the following vulnerability h...

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-119 (ALASDOCKER-2026-119)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-119 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory a...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-122 (ALASDOCKER-2026-122)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-122 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2026-107 (ALASNITRO-ENCLAVES-2026-107)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-107 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can...

Amazon Linux 2023 : cni-plugins (ALAS2023-2026-1723)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1723 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value refresh. A new GODEBU...

Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2026-1749)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1749 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 Within HostnameError.Error, when constructing ...

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-106 (ALASNITRO-ENCLAVES-2026-106)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-106 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigge...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-104 (ALASKERNEL-5.15-2026-104)

The version of kernel installed on the remote host is prior to 5.15.206-144.232. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-104 advisory. In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy...

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1754)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1754 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: call -freefolio directly in foliounmapinvalidate CVE-2026-31589 In the Linux kernel, the following vulnerability has bee...

Amazon Linux 2023 : rclone (ALAS2023-2026-1717)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1717 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...