Amazon Linux 2 : aws-cfn-bootstrap, --advisory ALAS2-2025-3104 (ALAS-2025-3104)
The version of aws-cfn-bootstrap installed on the remote host is prior to 2.0-38. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3104 advisory. Issue summary: A timing side-channel which could potentially allow recoveringthe private key exists in the ECDSA...