Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-102 (ALASKERNEL-5.10-2025-102)

The version of kernel installed on the remote host is prior to 5.10.240-238.955. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.10-2025-102 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-103 (ALASKERNEL-5.10-2025-103)

The version of kernel installed on the remote host is prior to 5.10.240-238.966. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-103 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new...

Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL13-2025-012 (ALASPOSTGRESQL13-2025-012)

The version of postgresql installed on the remote host is prior to 13.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL13-2025-012 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access...

Low: samba

Issue Overview: All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via...

Medium: cairo

Issue Overview: An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump. CVE-2025-50422 Affected Packages: cairo Note: This advisory is applicable ...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in...

Amazon Linux 2 : giflib, --advisory ALAS2-2025-2987 (ALAS-2025-2987)

The version of giflib installed on the remote host is prior to 4.1.6-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2987 advisory. Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the...

Amazon Linux 2 : rust, --advisory ALAS2-2025-2978 (ALAS-2025-2978)

The version of rust installed on the remote host is prior to 1.86.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2978 advisory. There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns...

Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2025-2986 (ALAS-2025-2986)

The version of compat-libtiff3 installed on the remote host is prior to 3.9.4-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2986 advisory. A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer ...

Amazon Linux 2 : cairo, --advisory ALAS2-2025-2989 (ALAS-2025-2989)

The version of cairo installed on the remote host is prior to 1.15.12-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2989 advisory. An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program...

Amazon Linux 2 : vorbis-tools, --advisory ALAS2-2025-2983 (ALAS-2025-2983)

The version of vorbis-tools installed on the remote host is prior to 1.4.0-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2983 advisory. Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of...

Amazon Linux 2 : golang, --advisory ALAS2-2025-2984 (ALAS-2025-2984)

The version of golang installed on the remote host is prior to 1.24.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2984 advisory. os/exec: LookPath may return unexpected paths. If the PATH environment variable contains paths which are executables rathe...

Amazon Linux 2 : libxml2, --advisory ALAS2-2025-2977 (ALAS-2025-2977)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2977 advisory. A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management...

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage in coders/png.c are unsafe and can overflow, leading to memory corruption. This issue has been...

Important: python

Issue Overview: There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously...

Important: python3

Issue Overview: There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously...

Medium: mod_security

Issue Overview: ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. In versions 2.9.8 to before 2.9.11, an empty XML tag can cause a segmentation fault. If SecParseXmlIntoArgs is set to On or OnlyArgs, and the request type is application/xm...

Important: kernel-livepatch-5.10.239-236.958

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 Affected Packages: kernel-livepatch-5.10.239-236.958 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Important: kernel-livepatch-5.10.237-230.949

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 Affected Packages: kernel-livepatch-5.10.237-230.949 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Amazon Linux 2 : python (ALAS-2025-2961)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2961 advisory. There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation...