Lucene search
+L

8 matches found

amazon
amazon
added 2026/01/05 12:0 a.m.9 views

Important: amazon-ssm-agent

Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...

7.5CVSS6.8AI score0.00626EPSS
Exploits0
amazon
amazon
added 2025/12/08 12:0 a.m.10 views

Important: ecs-init

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS9AI score0.00626EPSS
Exploits0
nessus
nessus
added 2025/12/08 12:0 a.m.10 views

Amazon Linux 2 : ecs-init, --advisory ALAS2ECS-2025-083 (ALASECS-2025-083)

The version of ecs-init installed on the remote host is prior to 1.101.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-083 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6...

7.5CVSS7.3AI score0.00626EPSS
Exploits0References22
nessus
nessus
added 2025/11/11 12:0 a.m.8 views

Amazon Linux 2 : docker, --advisory ALAS2ECS-2025-081 (ALASECS-2025-081)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-081 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6...

7.5CVSS7.3AI score0.00626EPSS
Exploits0References22
nessus
nessus
added 2025/11/11 12:0 a.m.5 views

Amazon Linux 2 : golist, --advisory ALAS2-2025-3069 (ALAS-2025-3069)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3069 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresse...

7.5CVSS7.3AI score0.00626EPSS
Exploits0References22
nessus
nessus
added 2025/11/11 12:0 a.m.6 views

Amazon Linux 2 : runc, --advisory ALAS2ECS-2025-082 (ALASECS-2025-082)

The version of runc installed on the remote host is prior to 1.3.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-082 advisory. Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames The Parse...

8.4CVSS7.3AI score0.0067EPSS
Exploits4References28
nessus
nessus
added 2025/11/11 12:0 a.m.4 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2025-083 (ALASDOCKER-2025-083)

The version of oci-add-hooks installed on the remote host is prior to 0-0.5.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-083 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted valu...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References22
nessus
nessus
added 2025/11/07 12:0 a.m.34 views

Amazon Linux 2023 : runc (ALAS2023-2025-1263)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1263 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks...

5.5AI score
Exploits0References2
Rows per page
Query Builder