10 matches found
Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2025-1116)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1116 advisory. The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. CVE-2025-6069 Tenable has...
Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2025-1056)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1056 advisory. The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. CVE-2025-6069 Tenable has...
Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2025-1043)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1043 advisory. When curl is asked to use HSTS, the expiry time for a subdomain mightoverwrite a parent domain's cache entry, making it end sooner or later thanotherwise intended. This affects curl using applications...
Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2025-1033)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1033 advisory. There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler your usage is not affected. To work-around...
Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2025-997)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-997 advisory. A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the...
Amazon Linux 2023 : cuda-cccl-12 (ALAS2023NVIDIA-2025-121)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-121 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute...
Amazon Linux 2023 : docker (ALAS2023-2025-987)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-987 advisory. containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum...
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-978)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-978 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...
Amazon Linux 2023 : docker (ALAS2023-2025-945)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-945 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which...
Amazon Linux 2 : bcc (ALAS-2024-2551)
The version of bcc installed on the remote host is prior to 0.24.0-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2551 advisory. If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use...