3 matches found
Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2025-081 (ALASDOCKER-2025-081)
The version of runfinch-finch installed on the remote host is prior to 1.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-081 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2025-073 (ALASNITRO-ENCLAVES-2025-073)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-073 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitt...
Important: amazon-ecr-credential-helper
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...