Amazon EFS CSI Driver 安全漏洞

The Amazon EFS CSI Driver is an open-source component developed by the Kubernetes SIGs, used for mounting AWS File Storage in Kubernetes clusters. Previous versions of the Amazon EFS CSI Driver, such as 3.0.1, contained security vulnerabilities. These vulnerabilities stemmed from improper paramet...

Amazon Linux 2 : amazon-efs-utils, --advisory ALAS2-2026-3245 (ALAS-2026-3245)

The version of amazon-efs-utils installed on the remote host is prior to 3.0.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3245 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided t...

Amazon Linux 2023 : amazon-efs-utils (ALAS2023-2026-1564)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1564 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...

Amazon Linux 2 : amazon-efs-utils, --advisory ALAS2-2025-3076 (ALAS-2025-3076)

The version of amazon-efs-utils installed on the remote host is prior to 2.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3076 advisory. regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...

Important: amazon-efs-utils

Issue Overview: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane...

Important: amazon-efs-utils

Issue Overview: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane...

SUSE SLES15 / openSUSE 15 Security Update : aws-efs-utils (SUSE-SU-2025:3954-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3954-1 advisory. Update to version 2.3.3 bsc1240044. Security issues fixed: - CVE-2025-55159: slab: incorrect bounds check in...

EUVD-2022-7502

Malicious code in bioql PyPI...

CLSA-2025-1755623284 Update of amazon-efs-utils

Bump release...

CLSA-2025-1755622959 Update of amazon-efs-utils

Bump release...

Amazon Linux 2 : amazon-efs-utils (ALAS-2023-2342)

The version of amazon-efs-utils installed on the remote host is prior to 1.35.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2342 advisory. efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the...

Amazon Linux 2023 : amazon-efs-utils (ALAS2023-2023-437)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-437 advisory. efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to...

Medium: amazon-efs-utils

Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...

CVE-2022-46174

A potential race condition issue exists within the Amazon EFS mount helper in efs-utils and aws-efs-csi-driver when using TLS to mount file systems. The mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent...

efs-utils and aws-efs-csi-driver have race condition during concurrent TLS mounts

Impact A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below, and aws-efs-csi-driver versions v1.4.7 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior t...

CVE-2022-46174

efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS...

Race condition

efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS...

CVE-2022-46174 Race condition during concurrent TLS mounts in efs-utils

efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS...

CVE-2022-46174 Race condition during concurrent TLS mounts in efs-utils

efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS...

Amazon efs-utils 竞争条件问题漏洞

Amazon efs-utils is an EFS tool for Amazon by Amazon.com. A competing conditions vulnerability exists in Amazon efs-utils prior to v1.34.4, which stems from a potential competing conditions issue where concurrent mount operations may allocate the same local port, resulting in a failed mount...