9357 matches found
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-104 (ALASKERNEL-5.4-2025-104)
The version of kernel installed on the remote host is prior to 5.4.295-216.421. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-104 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow...
Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-1064)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1064 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before...
Amazon Linux 2 : containerd (ALASDOCKER-2025-073)
The version of containerd installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-073 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-1067)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1067 advisory. Redis and Valkey contain a defect such that a well constructed hyperloglog can corrupt arbitrary memory on the heap, which could lead to remote code execution. CVE-2025-32023 Redis and Valkey...
Amazon Linux 2023 : cloud-init, cloud-init-cfg-ec2, cloud-init-cfg-onprem (ALAS2023-2025-1082)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1082 advisory. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...
Amazon Linux 2023 : bpftool, kernel6.12, kernel6.12-modules-extra (ALAS2023-2025-1080)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1080 advisory. In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix out-of-range access of vnic_info array CVE-2025-22112 In the Linux kernel, the following vulnerability has bee...
Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2025-1077)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1077 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which a...
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-1079)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1079 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which a...
Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-068)
The version of runc installed on the remote host is prior to 1.2.6-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-068 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2 : python (ALAS-2025-2911)
The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2911 advisory. The html.parser.HTMLParser class had worst-case quadratic complexity when processing certain crafted malformed inputs potentially...
Amazon Linux 2 : sudo (ALAS-2025-2924)
The version of sudo installed on the remote host is prior to 1.8.23-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2924 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed...
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-066)
The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-066 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2025-1058)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1058 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disab...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1054)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1054 advisory. A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC action mirred a local unprivileged...
Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2025-1056)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1056 advisory. The html.parser.HTMLParser class had worst-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. CVE-2025-6069 Tenable has...
Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1073)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1073 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which a...
Amazon Linux 2 : containerd (ALASNITRO-ENCLAVES-2025-067)
The version of containerd installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-067 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitiv...
Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2025-1070)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1070 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. CVE-2025-324...
Amazon Linux 2023 : firefox (ALAS2023-2025-1055)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1055 advisory. A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross-site scripting attac...
Amazon Linux 2023 : docker (ALAS2023-2025-1074)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1074 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which a...