64 matches found
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: kubedock-fips, crossplane-provider-sql-fips, velero, crossplane-provider-aws-backup, eksctl, caddy, harbor-registry-fips, crossplane-provider-aws-s3, backup-restore-operator-fips, crossplane-provider-azure-relay, fleet-server, crossplane-provider-aws-vpc-fips,...
Important: amazon-cloudwatch-agent
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
CLEANSTART-2026-GA28186 Security fixes for CVE-2026-41602 applied in versions: 1.300066.1-r0
Security vulnerability affects the amazon-cloudwatch-agent package. This issue is resolved in later releases. See references for vulnerability details...
CLEANSTART-2026-XQ84127 Security fixes for CVE-2025-47914, CVE-2025-58181, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 3.4.0-r0
Multiple security vulnerabilities affect the amazon-cloudwatch-agent-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
PT-2026-38516
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10699-1 amazon-cloudwatch-agent-1.300066.1-1.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, haproxy-ingress, crossplane-provider-aws-iam, crossplane-provider-aws-memorydb, grafana-agent-operator, crossplane-provider-aws-firehose, flux-helm-controller, envoy-ratelimit, kubernetes-csi-driver-hostpath, cloud-provider-azure,...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-ec2, haproxy-ingress, crossplane-provider-aws-iam, crossplane-provider-aws-memorydb, grafana-agent-operator, crossplane-provider-aws-firehose, flux-helm-controller, envoy-ratelimit, kubernetes-csi-driver-hostpath, cloud-provider-azure,...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3248 (ALAS-2026-3248)
"The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300064.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3248 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: actions-runner-controller-fips, crossplane-provider-sql-fips, kind, crossplane-provider-aws-backup, atlantis-fips, docker-machine-driver-linode, caddy, cluster-api-provider-vsphere, eksctl, dask-gateway, extism, nginx-prometheus-exporter, harbor-registry-fips,...
GHSA-65XW-VW82-R86X vulnerabilities
Vulnerabilities for packages: telegraf, crossplane-provider-aws-backup, crossplane-provider-aws-kms, crossplane-provider-azure-authorization, crossplane-provider-aws-efs-fips, crossplane-provider-aws-s3, crossplane-provider-aws-firehose, elastic-agent-fips, nuclei,...
amazon-cloudwatch-agent-1.300064.0-2.1 on GA media (moderate)
amazon-cloudwatch-agent-1.300064.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10420-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6...
Medium: amazon-cloudwatch-agent
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
OPENSUSE-SU-2026:10420-1 amazon-cloudwatch-agent-1.300064.0-2.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300064.0-2.1 package on the GA media of openSUSE Tumbleweed...
Medium: amazon-cloudwatch-agent
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: actions-runner-controller-fips, crossplane-provider-sql-fips, kind, nginx-prometheus-exporter, atlantis-fips, x509-certificate-exporter, cluster-api-provider-vsphere, dask-gateway, oauth2-proxy, nri-kubernetes, harbor-registry-fips, mattermost,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: crossplane-provider-sql-fips, nginx-prometheus-exporter, x509-certificate-exporter, atlantis-fips, cluster-api-provider-vsphere, dask-gateway, oauth2-proxy, harbor-registry-fips, mattermost, crossplane-provider-aws-s3, backup-restore-operator-fips, fleet-server,...
Low: amazon-cloudwatch-agent
Issue Overview: No CVE associated with this advisory Affected Packages: amazon-cloudwatch-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...
Low: amazon-cloudwatch-agent
Issue Overview: No CVE associated with this advisory Affected Packages: amazon-cloudwatch-agent Issue Correction: Run dnf update amazon-cloudwatch-agent --releasever 2023.10.20260216 or dnf update --advisory ALAS2023-2026-1442 --releasever 2023.10.20260216 to update your system. More information ...
CVE-2025-61730 vulnerabilities
Vulnerabilities for packages: runc, vitess, crossplane-provider-aws-ec2, knative-serving, crossplane-provider-aws-iam, grafana-rollout-operator, custom-pod-autoscaler, git-credential-oauth, local-static-provisioner, podinfo, crossplane-provider-aws-firehose, argo-cd, clickhouse-operator, sops,...