149 matches found
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-106 (ALASNITRO-ENCLAVES-2026-106)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-106 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigge...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2026-117 (ALASECS-2026-117)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-117 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-121 (ALASDOCKER-2026-121)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-121 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2026-1738)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1738 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-099 (ALASNITRO-ENCLAVES-2026-099)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-099 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow o...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-113 (ALASDOCKER-2026-113)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-113 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overfl...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2026-111 (ALASECS-2026-111)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-111 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow ...
(0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to escape the container and execute high-privileged code within the Docker Hyper-V VM in order to exploit this vulnerability. The specific flaw...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-109 (ALASDOCKER-2026-109)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-109 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
Medium: amazon-ecr-credential-helper
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
Medium: amazon-ecr-credential-helper
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2026-103 (ALASECS-2026-103)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-103 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
Medium: amazon-ecr-credential-helper
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
Medium: amazon-ecr-credential-helper
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2026-1574)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1574 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-098 (ALASDOCKER-2026-098)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-098 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service...
Medium: amazon-ecr-credential-helper
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-087 (ALASNITRO-ENCLAVES-2026-087)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-087 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of...
Medium: amazon-ecr-credential-helper
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Medium: amazon-ecr-credential-helper
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...