9341 matches found
Amazon Linux 2023 : php8.1, php8.1-bcmath, php8.1-cli (ALAS2023-2025-1355)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1355 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfcDEBIANBUG: 1123574 CVE-2025-1417...
Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2025-1325)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1325 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building...
Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2025-1342)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1342 advisory. A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1323)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1323 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2025-1343)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1343 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building...
Amazon Linux 2023 : docker (ALAS2023-2025-1340)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1340 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2025-1348)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1348 advisory. Use after free due to connection being cleaned up after error CVE-2025-62408 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus h...
Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2025-1354)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1354 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfcDEBIANBUG: 1123574 CVE-2025-1417...
Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2025-1347)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1347 advisory. Use after free due to connection being cleaned up after error CVE-2025-62408 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus h...
Amazon Linux 2023 : cni-plugins (ALAS2023-2025-1321)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1321 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1336)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1336 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-1335)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1335 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
Amazon Linux 2023 : soci-snapshotter (ALAS2023-2025-1334)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1334 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
Amazon Linux 2023 : php8.4, php8.4-bcmath, php8.4-cli (ALAS2023-2025-1352)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1352 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfcDEBIANBUG: 1123574 CVE-2025-1417...
Amazon Linux 2023 : glib2, glib2-devel, glib2-static (ALAS2023-2025-1349)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1349 advisory. Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Tenable has extracted the preceding description block directly from the tested produ...
Amazon Linux 2023 : docker (ALAS2023-2025-1329)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1329 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate...
Amazon Linux 2023 : nerdctl (ALAS2023-2025-1326)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1326 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
Amazon Linux 2023 : ecs-init (ALAS2023-2025-1345)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1345 advisory. A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the intern...
Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2025-1332)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1332 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng'...
Amazon Linux 2023 : ecs-init (ALAS2023-2025-1341)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1341 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...