789 matches found
Low: docker
Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows information disclosure. This potentially allows a remote client to identify security tokens or credentials used internally by a web...
Important: kernel-livepatch-4.14.355-280.695
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id instead of smp_processor_id CVE-2023-53530 Affected Packages: kernel-livepatch-4.14.355-280.695 Issue Correction: Please ensure you have live patching enabled. Run yum update...
Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-070 (ALASNITRO-ENCLAVES-2025-070)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-070 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis...
Amazon Linux 2 : redis, --advisory ALAS2REDIS6-2025-015 (ALASREDIS6-2025-015)
The version of redis installed on the remote host is prior to 6.2.20-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2025-015 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated use...
Amazon Linux 2 : openssl11, --advisory ALAS2-2025-3033 (ALAS-2025-3033)
The version of openssl11 installed on the remote host is prior to 1.1.1zd-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3033 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...
Amazon Linux 2 : cups, --advisory ALAS2-2025-3028 (ALAS-2025-3028)
The version of cups installed on the remote host is prior to 1.6.3-51. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3028 advisory. A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is...
Amazon Linux 2 : libtiff, --advisory ALAS2-2025-3020 (ALAS-2025-3020)
The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3020 advisory. Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Tenable has extracted the preceding description block...
Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2025-008 (ALASOPENSSL-SNAPSAFE-2025-008)
The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2OPENSSL-SNAPSAFE-2025-008 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2025-3037 (ALAS-2025-3037)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300059.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3037 advisory. go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065...
Amazon Linux 2 : gegl, --advisory ALAS2-2025-3030 (ALAS-2025-3030)
The version of gegl installed on the remote host is prior to 0.2.0-19. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3030 advisory. GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10921 Tenable has extracted the precedi...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2025-071 (ALASNITRO-ENCLAVES-2025-071)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-071 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potential...
Amazon Linux 2 : postgresql, --advisory ALAS2-2025-3035 (ALAS-2025-3035)
The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3035 advisory. Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for...
Amazon Linux 2 : sox, --advisory ALAS2-2025-3032 (ALAS-2025-3032)
The version of sox installed on the remote host is prior to 14.4.1-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3032 advisory. A floating point exception divide-by-zero issue was discovered in SoX in function startread of wav.c file. An attacker with a crafted w...
Amazon Linux 2 : qemu, --advisory ALAS2-2025-3031 (ALAS-2025-3031)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3031 advisory. A flaw was found in QEMU. An assertion failure was present in the usb_ep_get function in hw/net/core.c when trying to get the USB endpoi...
Amazon Linux 2 : polkit, --advisory ALAS2-2025-3024 (ALAS-2025-3024)
The version of polkit installed on the remote host is prior to 0.112-26. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3024 advisory. A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...
Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2025-008 (ALASGIMP-2025-008)
The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2GIMP-2025-008 advisory. ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 Tenable has...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2025-075 (ALASECS-2025-075)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-075 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking...
Amazon Linux 2 : openssl, --advisory ALAS2-2025-3034 (ALAS-2025-3034)
The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3034 advisory. Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...
Medium: openssl
Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...