Amazon Linux 2023 : python3-pyasn1, python3-pyasn1-modules (ALAS2023-2026-1417)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1417 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. Th...

Amazon Linux 2 : aws-nitro-enclaves-cli, --advisory ALAS2NITRO-ENCLAVES-2026-086 (ALASNITRO-ENCLAVES-2026-086)

The version of aws-nitro-enclaves-cli installed on the remote host is prior to 1.4.4-0. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2026-086 advisory. openssl: rust-openssl Use-After-Free in Md::fetch and Cipher::fetch CVE-2025-3416 Tenable has extracted...

Amazon Linux 2023 : mod_security_crs (ALAS2023-2026-1399)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1399 advisory. The OWASP core rule set CRS is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps CVE-2025-40170 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections CVE-2025-68206 In the Linux kernel...

Important: kernel-livepatch-6.1.158-180.294

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields CVE-2025-40254 Affected Packages: kernel-livepatch-6.1.158-180.294 Issue Correction: Please ensure you have live patching enabled. Run dnf upda...

Important: python3.13-wheel

Issue Overview: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-111 (ALASKERNEL-5.10-2026-111)

The version of kernel installed on the remote host is prior to 5.10.247-246.992. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.10-2026-111 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

Amazon Linux 2 : java-1.8.0-amazon-corretto, --advisory ALAS2CORRETTO8-2026-022 (ALASCORRETTO8-2026-022)

The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0482.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2026-022 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3147 (ALAS-2026-3147)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3147 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire respon...

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1404)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1404 advisory. Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using th...

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1413)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1413 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire...

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3155 (ALAS-2026-3155)

The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3155 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program ...

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2026-1391)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1391 advisory. A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, ...

Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2026-1390)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1390 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-rea...

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3161 (ALAS-2026-3161)

The version of kernel installed on the remote host is prior to 4.14.355-280.713. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3161 advisory. In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: prevent perpetual headroom grow...

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1416)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1416 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-117 (ALASKERNEL-5.4-2026-117)

The version of kernel installed on the remote host is prior to 5.4.302-222.455. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2026-117 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

Amazon Linux 2 : capstone, --advisory ALAS2-2026-3133 (ALAS-2026-3133)

The version of capstone installed on the remote host is prior to 3.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3133 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provide...

Amazon Linux 2 : rsync, --advisory ALAS2-2026-3157 (ALAS-2026-3157)

The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3157 advisory. A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a...

Medium: rsync

Issue Overview: A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. CVE-2025-101...