Amazon Linux 2 : cloud-init (ALAS-2025-2926)
The version of cloud-init installed on the remote host is prior to 19.3-46. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2926 advisory. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,...
Amazon Linux 2 : python3 (ALAS-2025-2923)
The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2923 advisory. There is an issue in CPython when using bytes.decode("unicode_escape", error="ignore|replace"). If you are not using the...
Amazon Linux 2 : golist (ALAS-2025-2922)
The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2922 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information...
Amazon Linux 2 : xorg-x11-server (ALAS-2025-2918)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2918 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-078)
The version of kernel installed on the remote host is prior to 5.15.184-125.189. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-078 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON when 0 reference...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-082 (ALASKERNEL-5.15-2025-082)
The version of kernel installed on the remote host is prior to 5.15.186-128.192. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-082 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race...
Amazon Linux 2 : python-cryptography (ALAS-2025-2930)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2930 advisory. python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext. CVE-2020-25659 Tenable has extracted the preceding...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-083)
The version of kernel installed on the remote host is prior to 5.15.59-33.133. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.15-2025-083 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before...
Amazon Linux 2 : python-pip (ALAS-2025-2928)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2928 advisory. Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to versio...
Amazon Linux 2 : docker (ALASDOCKER-2025-070)
The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-070 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2 : containerd (ALASDOCKER-2025-073)
The version of containerd installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-073 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-104 (ALASKERNEL-5.4-2025-104)
The version of kernel installed on the remote host is prior to 5.4.295-216.421. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-104 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow...
Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-068)
The version of runc installed on the remote host is prior to 1.2.6-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-068 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2 : sudo (ALAS-2025-2924)
The version of sudo installed on the remote host is prior to 1.8.23-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2924 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed...
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-066)
The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-066 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...
Amazon Linux 2 : python (ALAS-2025-2911)
The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2911 advisory. The html.parser.HTMLParser class had worst-case quadratic complexity when processing certain crafted malformed inputs potentially...
Amazon Linux 2 : rclone (ALAS-2025-2905)
The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2905 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF...
Amazon Linux 2 : thunderbird (ALAS-2025-2896)
The version of thunderbird installed on the remote host is prior to 128.11.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2896 advisory. A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's deskto...
Amazon Linux 2 : libblockdev (ALAS-2025-2895)
The version of libblockdev installed on the remote host is prior to 2.18-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2895 advisory. LPE from allow_active to root in libblockdev via udisks CVE-2025-6019 Tenable has extracted the preceding description block...
Amazon Linux 2 : kernel (ALAS-2025-2892)
The version of kernel installed on the remote host is prior to 4.14.311-233.529. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2892 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookupre...