Amazon Linux 2 : LibRaw (ALAS-2025-2954)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2954 advisory. In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1...

Amazon Linux 2 : java-1.8.0-amazon-corretto (ALASCORRETTO8-2025-020)

The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0462.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2025-020 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2025-2956)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.462.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2956 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product ...

Amazon Linux 2 : pixman (ALAS-2025-2945)

The version of pixman installed on the remote host is prior to 0.34.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2945 advisory. In libpixman in Pixman before 0.42.2, there is an out-of-bounds write aka heap-based buffer overflow in rasterizeedges8 due to an...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2025-2940)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.28+6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2940 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Amazon Linux 2 : mtr (ALAS-2025-2937)

The version of mtr installed on the remote host is prior to 0.92-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2937 advisory. mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable...

Amazon Linux 2 : python-pip (ALAS-2025-2935)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2935 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable...

Amazon Linux 2 : jq (ALAS-2025-2943)

The version of jq installed on the remote host is prior to 1.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2943 advisory. jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index...

Medium: docker

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: docker Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Lin...

Important: libxml2

Issue Overview: libxml: Heap use after free UAF leads to Denial of service DoS CVE-2025-49794 libxml: Type confusion leads to Denial of service DoS CVE-2025-49796 Affected Packages: libxml2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-084 (ALASKERNEL-5.15-2025-084)

The version of kernel installed on the remote host is prior to 5.15.187-130.192. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-084 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extentmap for free...

Medium: gimp

Issue Overview: GIMP FLI file parsing out-of-bounds heap overflow. CVE-2025-2761 Affected Packages: gimp Note: This advisory is applicable to Amazon Linux 2 - Gimp Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2...

Medium: runc

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn more about...

Medium: containerd

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn more...

Medium: runfinch-finch

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: runfinch-finch Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-082 (ALASKERNEL-5.15-2025-082)

The version of kernel installed on the remote host is prior to 5.15.186-128.192. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-082 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-078)

The version of kernel installed on the remote host is prior to 5.15.184-125.189. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-078 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUGON when 0 reference...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-083)

The version of kernel installed on the remote host is prior to 5.15.59-33.133. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.15-2025-083 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before...

Amazon Linux 2 : python-cryptography (ALAS-2025-2930)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2930 advisory. python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext. CVE-2020-25659 Tenable has extracted the preceding...

Medium: oci-add-hooks

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: oci-add-hooks Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about...