amazon-ecs-init-1.103.2-1.1 on GA media (moderate)

amazon-ecs-init-1.103.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10871-1 Rating: moderate Cross-References: CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-39821 SUSE : 9.1...

OPENSUSE-SU-2026:10871-1 amazon-ecs-init-1.103.2-1.1 on GA media

These are all security issues fixed in the amazon-ecs-init-1.103.2-1.1 package on the GA media of openSUSE Tumbleweed...

amazon-ecs-init-1.103.0-2.1 on GA media (moderate)

amazon-ecs-init-1.103.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10848-1 Rating: moderate Cross-References: CVE-2026-33814 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability ca...

OPENSUSE-SU-2026:10848-1 amazon-ecs-init-1.103.0-2.1 on GA media

These are all security issues fixed in the amazon-ecs-init-1.103.0-2.1 package on the GA media of openSUSE Tumbleweed...

Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. An issue exists where, under certain circumstances, improper input validation in the FSx Windows File Server volum...

CVE-2026-7461 OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...

CVE-2026-7461

CVE-2026-7461 affects the FSx Windows File Server volume mounting component inside Amazon ECS Agent on Windows, prior to version 1.103.0. The root cause is improper neutralization of inputs used in an OS command, allowing a remote authenticated actor to run shell commands with SYSTEM privileges o...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: docker-compose-fips, omni-fips, gitlab-operator, harbor-fips, mailpit, tkn-fips, gitlab-workhorse-ce, prometheus-operator, gitlab-rails-ce-fips, mattermost-fips, vendir, knative-serving, k8ssandra-client, cert-manager, chezmoi, envconsul-fips, gitlab-kas, scorecard,...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: docker-compose-fips, omni-fips, gitlab-operator, harbor-fips, mailpit, tkn-fips, gitlab-workhorse-ce, prometheus-operator, gitlab-rails-ce-fips, mattermost-fips, vendir, knative-serving, k8ssandra-client, cert-manager, chezmoi, envconsul-fips, gitlab-kas, scorecard,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: emissary, cluster-api-ipam-provider-in-cluster, minc-fips, pgwatch, jobset-fips, kubernetes-ingress-defaultbackend-fips, crossplane-provider-aws-cognitoidp-fips, crossplane-provider-aws-ssm, apache-exporter, nri-mongodb, cluster-api-provider-vsphere, yunikorn-k8shim,...

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: cluster-api-ipam-provider-in-cluster, minc-fips, pgwatch, jobset-fips, kube-logging-operator, kubernetes-ingress-defaultbackend-fips, apache-exporter, nri-mongodb, cluster-api-provider-vsphere, yunikorn-k8shim, json-exporter-fips, prometheus-stackdriver-exporter,...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: pgwatch, jobset-fips, apache-exporter, cluster-api-provider-vsphere, yunikorn-k8shim, json-exporter-fips, prometheus-stackdriver-exporter, docker-compose-fips, boring-registry, gitlab-operator, kubernetes-csi-external-resizer-fips, thanos-receive-controller,...

GHSA-WM7X-WW72-R77Q Information Disclosure in Amazon ECS Container Agent

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. Amazon ECS container agent provides an introspection API that provides information about the overall state of the...

CVE-2025-9039 Information Disclosure in Amazon ECS Container Agent

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

CVE-2025-9039 Information Disclosure in Amazon ECS Container Agent

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

PT-2025-33310

Name of the Vulnerable Software and Affected Versions: Amazon ECS agent versions 0.0.3 through 1.97.0 Description: An issue was identified in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the sa...

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Cybersecurity researchers have demonstrated an "end-to-end privilege escalation chain" in Amazon Elastic Container Service ECS that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment. The attack technique has been...

Elevating Security: Qualys Unveils First Solution for Scanning AWS Bottlerocket in Amazon EKS and Amazon ECS

With this new offering, Qualys establishes itself as the first and only vendor solution with the unique ability to scan AWS Bottlerocket instances directly using the Qualys Cloud Agent and TotalCloud Agent-less Snapshot-Based Scan. This innovative capability empowers organizations to...

SUSE SLES15 / openSUSE 15 Security Update : amazon-ecs-init (SUSE-SU-2023:3522-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3522-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

SUSE-SU-2023:3522-1 Security update for amazon-ecs-init

This update of amazon-ecs-init fixes the following issues: - rebuild the package with the go 1.21 security release bsc1212475...