3 matches found
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2025-087 (ALASECS-2025-087)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-087 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain...
Important: containerd
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Medium: docker
Issue Overview: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container...