Amazon Linux 2023 : cuda-visual-tools-12 (ALAS2023NVIDIA-2025-206)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-206 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : cuda-cccl-13 (ALAS2023NVIDIA-2025-192)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-192 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successfu...

Amazon Linux 2023 : libnvjitlink-12, libnvjitlink-devel-12 (ALAS2023NVIDIA-2025-198)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-198 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2 : redis, --advisory ALAS2REDIS6-2025-015 (ALASREDIS6-2025-015)

The version of redis installed on the remote host is prior to 6.2.20-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2025-015 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated use...

Amazon Linux 2023 : gds-tools-12, libcufile-12, libcufile-devel-12 (ALAS2023NVIDIA-2025-205)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-205 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2025-3037 (ALAS-2025-3037)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300059.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3037 advisory. go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065...

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-070 (ALASNITRO-ENCLAVES-2025-070)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-070 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis...

Amazon Linux 2023 : cuda-tools-12 (ALAS2023NVIDIA-2025-207)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-207 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2025-008 (ALASGIMP-2025-008)

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2GIMP-2025-008 advisory. ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 Tenable has...

Amazon Linux 2 : openssl11, --advisory ALAS2-2025-3033 (ALAS-2025-3033)

The version of openssl11 installed on the remote host is prior to 1.1.1zd-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3033 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an...

Amazon Linux 2023 : cuda-nvprof-12 (ALAS2023NVIDIA-2025-218)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-218 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : nvidia (ALAS2023NVIDIA-2025-195)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-195 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2025-1216)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1216 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706.Note that upgrading pip to a fixed version for this...

Amazon Linux 2023 : cuda-cudart-12, cuda-cudart-devel-12, cuda-driver-devel-12 (ALAS2023NVIDIA-2025-233)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-233 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : docker (ALAS2023-2025-1213)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1213 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld...

Amazon Linux 2023 : cuda-12 (ALAS2023NVIDIA-2025-238)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-238 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : cuda-crt-12, cuda-nvcc-12, cuda-nvvm-12 (ALAS2023NVIDIA-2025-234)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-234 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : libcusolver-12, libcusolver-devel-12 (ALAS2023NVIDIA-2025-202)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-202 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2023 : cuda-nvrtc-12, cuda-nvrtc-devel-12 (ALAS2023NVIDIA-2025-216)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-216 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2025-008 (ALASOPENSSL-SNAPSAFE-2025-008)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2OPENSSL-SNAPSAFE-2025-008 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can...