Amazon Linux 2 : glib2, --advisory ALAS2-2025-3117 (ALAS-2025-3117)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3117 advisory. Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Tenable has...

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-049 (ALASFIREFOX-2025-049)

The version of firefox installed on the remote host is prior to 140.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-049 advisory. Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox 146 and Firefox ESR 140.6...

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-084 (ALASNITRO-ENCLAVES-2025-084)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-084 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be...

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2025-3121 (ALAS-2025-3121)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3572.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3121 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy...

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2025-083 (ALASNITRO-ENCLAVES-2025-083)

The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-083 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2025-080 (ALASNITRO-ENCLAVES-2025-080)

The version of oci-add-hooks installed on the remote host is prior to 0-0.6.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-080 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded...

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2025-081 (ALASNITRO-ENCLAVES-2025-081)

The version of runc installed on the remote host is prior to 1.3.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-081 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2025-086 (ALASECS-2025-086)

The version of oci-add-hooks installed on the remote host is prior to 0-0.6.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-086 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain...

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2025-3098 (ALAS-2025-3098)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3098 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2025-090 (ALASDOCKER-2025-090)

The version of soci-snapshotter installed on the remote host is prior to 0.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-090 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint...

Amazon Linux 2 : docker, --advisory ALAS2ECS-2025-090 (ALASECS-2025-090)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-090 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the progr...

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2025-089 (ALASDOCKER-2025-089)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-089 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate...

Amazon Linux 2 : runc, --advisory ALAS2ECS-2025-089 (ALASECS-2025-089)

The version of runc installed on the remote host is prior to 1.3.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-089 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificat...

Amazon Linux 2 : golist, --advisory ALAS2-2025-3119 (ALAS-2025-3119)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3119 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2025-3120 (ALAS-2025-3120)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300062.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3120 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which m...

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2025-087 (ALASDOCKER-2025-087)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-087 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomai...

Amazon Linux 2 : runc, --advisory ALAS2DOCKER-2025-088 (ALASDOCKER-2025-088)

The version of runc installed on the remote host is prior to 1.3.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-088 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

Amazon Linux 2 : cri-tools, --advisory ALAS2-2025-3097 (ALAS-2025-3097)

The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3097 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

Amazon Linux 2 : golang-github-cpuguy83-go-md2man, --advisory ALAS2-2025-3118 (ALAS-2025-3118)

The version of golang-github-cpuguy83-go-md2man installed on the remote host is prior to 1.0.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3118 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain...

Amazon Linux 2 : golang, --advisory ALAS2-2025-3105 (ALAS-2025-3105)

The version of golang installed on the remote host is prior to 1.24.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3105 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...