176 matches found
CVE-2026-41178 vulnerabilities
Vulnerabilities for packages: kuberay-apiserver, terraform-provider-grafana, kube-arangodb-fips, art, flux, drone-fips, cilium, crossplane-provider-aws-cloudtrail, go-sqlcmd, grafana-mimir, docker-machine-driver-harvester, flux-image-reflector-controller, harbor-registry,...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3389 (ALAS-2026-3389)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300067.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3389 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...
Important: amazon-cloudwatch-agent
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
CLEANSTART-2026-MJ26242 Security fixes for CVE-2026-41602, ghsa-wf45-q9ch-q8gh applied in versions: 1.300066.1-r0
Multiple security vulnerabilities affect the amazon-cloudwatch-agent-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-GA28186 Security fixes for CVE-2026-41602 applied in versions: 1.300066.1-r0
Security vulnerability affects the amazon-cloudwatch-agent package. This issue is resolved in later releases. See references for vulnerability details...
CLEANSTART-2026-XQ84127 Security fixes for CVE-2025-47914, CVE-2025-58181, CVE-2026-29181, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 3.4.0-r0
Multiple security vulnerabilities affect the amazon-cloudwatch-agent-operator package. These issues are resolved in later releases. See references for individual vulnerability details...
OPENSUSE-SU-2026:10699-1 amazon-cloudwatch-agent-1.300066.1-1.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-38516
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-MH2Q-Q3FH-2475 vulnerabilities
Vulnerabilities for packages: aactl, cert-manager-cmctl, gitlab-kas, src, kapp, kubernetes-csi-driver-hostpath, ipfs-cluster, buildah, flux-image-reflector-controller, podman, eksctl, istio, nuclei, crossplane-provider-family-azure, docker-machine-driver-harvester, promxy,...
CVE-2026-29181 vulnerabilities
Vulnerabilities for packages: aactl, cert-manager-cmctl, gitlab-kas, src, kapp, kubernetes-csi-driver-hostpath, ipfs-cluster, buildah, flux-image-reflector-controller, podman, eksctl, istio, nuclei, crossplane-provider-family-azure, docker-machine-driver-harvester, promxy,...
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3248 (ALAS-2026-3248)
"The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300064.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3248 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: aactl, external-dns, kine, aws-flb-firehose, gitlab-kas, kubescape, fuse-overlayfs-snapshotter, nerdctl, gatekeeper, kubernetes-dashboard, cilium, chezmoi, coredns, mattermost, runc, gitlab-pages, go, knative-operator, argo-cd, istio, knative-serving, kubernetes,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: aactl, esbuild, gitlab-kas, nri-mssql, nri-haproxy, portieris, kapp, github-mcp-server, kubescape, malcontent, kubernetes-dashboard, podman, knative-serving, nri-mongodb, percona-server-mongodb-operator, grafana-operator, rancher-agent, polaris,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: grafana-rollout-operator, harbor-scanner-trivy-fips, scanner-test-golang-vulnerability-fixed, docker-credential-ecr-login, kubernetes-event-exporter, kubescape-http-request, neuvector-dbgen, pluto, local-static-provisioner, stakater-reloader, buf,...
CVE-2026-32287 vulnerabilities
Vulnerabilities for packages: crossplane-provider-keycloak, crossplane-provider-aws-cloudfront, crossplane-provider-aws-ecr, crossplane-provider-aws-rolesanywhere-fips, crossplane-provider-aws-s3-fips, crossplane-provider-aws-iam-fips, crossplane-provider-keycloak-fips,...
GHSA-65XW-VW82-R86X vulnerabilities
Vulnerabilities for packages: crossplane-provider-keycloak, crossplane-provider-aws-cloudfront, crossplane-provider-aws-ecr, crossplane-provider-aws-rolesanywhere-fips, crossplane-provider-aws-s3-fips, crossplane-provider-aws-iam-fips, crossplane-provider-keycloak-fips,...
amazon-cloudwatch-agent-1.300064.0-2.1 on GA media (moderate)
amazon-cloudwatch-agent-1.300064.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10420-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6...
Medium: amazon-cloudwatch-agent
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
OPENSUSE-SU-2026:10420-1 amazon-cloudwatch-agent-1.300064.0-2.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300064.0-2.1 package on the GA media of openSUSE Tumbleweed...
Medium: amazon-cloudwatch-agent
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...