amazon-ssm-agent-3.3.4624.0-2.1 on GA media (moderate)

amazon-ssm-agent-3.3.4624.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10966-1 Rating: moderate Cross-References: CVE-2026-39827 CVE-2026-39828 CVE-2026-39834 CVE-2026-46598 CVSS scores: CVE-2026-39827 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-39827 SUSE : 7.1...

OPENSUSE-SU-2026:10966-1 amazon-ssm-agent-3.3.4624.0-2.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4624.0-2.1 package on the GA media of openSUSE Tumbleweed...

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2026-3350 (ALAS-2026-3350)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.4515.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3350 advisory. When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it...

Important: amazon-ssm-agent

Issue Overview: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Affected Packages: amazon-ssm-agent Issue Correction: Run dnf update amazon-ssm-agent --releasever...

Important: amazon-ssm-agent

Issue Overview: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Affected Packages: amazon-ssm-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2026-1813)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1813 advisory. When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Tenable has extracte...

amazon-ssm-agent-3.3.4624.0-1.1 on GA media (moderate)

amazon-ssm-agent-3.3.4624.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10943-1 Rating: moderate Cross-References: CVE-2026-44740 CVSS scores: CVE-2026-44740 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-44740 SUSE : 8.7...

OPENSUSE-SU-2026:10943-1 amazon-ssm-agent-3.3.4624.0-1.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4624.0-1.1 package on the GA media of openSUSE Tumbleweed...

amazon-ssm-agent-3.3.4515.0-1.1 on GA media (moderate)

amazon-ssm-agent-3.3.4515.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10872-1 Rating: moderate Cross-References: CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-39821 SUSE : 9.1...

OPENSUSE-SU-2026:10872-1 amazon-ssm-agent-3.3.4515.0-1.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4515.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10765-1 amazon-ssm-agent-3.3.4268.0-2.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4268.0-2.1 package on the GA media of openSUSE Tumbleweed...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, commercial-chainloop-backend, ingress-nginx-controller, elastic-agent, rabbitmq-messaging-topology-operator, kube-state-metrics, rclone-fips, snyk-cli, gatekeeper-fips, ko-fips, gitaly, juicefs, rke2-runtime, sonobuoy, kyverno,...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, commercial-chainloop-backend, ingress-nginx-controller, elastic-agent, rabbitmq-messaging-topology-operator, kube-state-metrics, rclone-fips, snyk-cli, gatekeeper-fips, ko-fips, gitaly, juicefs, rke2-runtime, sonobuoy, kyverno,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure-managedidentity, custom-pod-autoscaler-fips, ingress-nginx-controller, crossplane-provider-aws-sqs-fips, rabbitmq-messaging-topology-operator, goose, git-lfs, pvc-autoresizer, newrelic-nri-statsd, gitaly, thanos-receive-controller-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: trivy, knative-net-istio-fips, kapp, datadog-agent, influxd, caddy, commercial-chainloop-backend, crossplane-provider-azure-managedidentity, prometheus-pushgateway-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller,...

OPENSUSE-SU-2026:10486-1 amazon-ssm-agent-3.3.4121.0-1.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4121.0-1.1 package on the GA media of openSUSE Tumbleweed...

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Issue Correction: Run dnf update amazon-ssm-agent --releasever 2023.10.20260330 or d...

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this...

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2026-3207 (ALAS-2026-3207)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3883.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3207 advisory. cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected...

openSUSE 16 Security Update : amazon-ssm-agent (openSUSE-SU-2026:20351-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20351-1 advisory. - CVE-2025-47913: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253611. Tenab...