Lucene search
+L

118 matches found

Chainguard
Chainguard
added 2026/06/26 8:22 p.m.10 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-guardduty-fips, crossplane-provider-aws-backup, atlantis-fips, docker-machine-driver-linode, caddy, eksctl, crossplane-provider-aws-osis, mattermost, crossplane-provider-aws-s3, crossplane-provider-azure-relay, crossplane-provider-aws-vpc-fips...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.23 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-guardduty-fips, crossplane-provider-aws-backup, atlantis-fips, docker-machine-driver-linode, caddy, eksctl, crossplane-provider-aws-osis, mattermost, crossplane-provider-aws-s3, crossplane-provider-azure-relay, crossplane-provider-aws-vpc-fips...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2026-117 (ALASECS-2026-117)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-117 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.18 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-106 (ALASNITRO-ENCLAVES-2026-106)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-106 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigge...

7.5CVSS6AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.19 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2026-1738)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1738 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.13 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-113 (ALASDOCKER-2026-113)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-113 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overfl...

9.8CVSS6AI score0.00621EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.17 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-099 (ALASNITRO-ENCLAVES-2026-099)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-099 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow o...

9.8CVSS6AI score0.00621EPSS
Exploits0References18
Amazon
Amazon
added 2026/04/14 12:0 a.m.7 views

Medium: amazon-ecr-credential-helper

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
Amazon
Amazon
added 2026/04/14 12:0 a.m.14 views

Medium: amazon-ecr-credential-helper

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-095 (ALASNITRO-ENCLAVES-2026-095)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-095 advisory. url.Parse insufficiently validated the host/authority component and accepted some inval...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.10 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-109 (ALASDOCKER-2026-109)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-109 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
Amazon
Amazon
added 2026/04/13 12:0 a.m.13 views

Medium: amazon-ecr-credential-helper

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.10 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-098 (ALASDOCKER-2026-098)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-098 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service...

10CVSS6.1AI score0.01945EPSS
Exploits2References10
Amazon
Amazon
added 2026/02/19 12:0 a.m.11 views

Medium: amazon-ecr-credential-helper

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.12 views

Medium: amazon-ecr-credential-helper

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.8 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-087 (ALASNITRO-ENCLAVES-2026-087)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-087 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.12 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2026-095 (ALASECS-2026-095)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-095 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service whe...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.7 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2026-1370)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1370 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
Amazon
Amazon
added 2026/01/07 12:0 a.m.11 views

Important: amazon-ecr-credential-helper

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.6AI score0.00585EPSS
Exploits3
Amazon
Amazon
added 2026/01/05 12:0 a.m.9 views

Important: amazon-ecr-credential-helper

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.7AI score0.00585EPSS
Exploits3
Rows per page
Query Builder