CVE-2026-6437 AWS EFS CSI Driver Mount Option Injection

Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver aws-efs-csi-driver before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users...

CVE-2026-6437

CVE-2026-6437 concerns the AWS EFS CSI Driver (aws-efs-csi-driver) prior to v3.0.1. The flaw is improper neutralization of argument delimiters in the volume handling component, which allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via...

CVE-2026-6437 AWS EFS CSI Driver Mount Option Injection

Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver aws-efs-csi-driver before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users...

Amazon EFS CSI Driver 安全漏洞

The Amazon EFS CSI Driver is an open-source component developed by the Kubernetes SIGs, used for mounting AWS File Storage in Kubernetes clusters. Previous versions of the Amazon EFS CSI Driver, such as 3.0.1, contained security vulnerabilities. These vulnerabilities stemmed from improper paramet...

Amazon Linux 2 : amazon-efs-utils, --advisory ALAS2-2026-3245 (ALAS-2026-3245)

The version of amazon-efs-utils installed on the remote host is prior to 3.0.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3245 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided t...

Amazon Linux 2023 : amazon-efs-utils (ALAS2023-2026-1564)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1564 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: flannel, slsa-verifier, vexctl, vault-benchmark, docker-machine-driver-harvester, xeol, argo-rollouts, cue, kubescape-operator, aws-node-termination-handler, crossplane-provider-azure-authorization, ingress-nginx-controller, cluster-api-provider-vsphere,...

CVE-2019-20502

An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow via a long body2.ghp message parameter...

CVE-2021-25743 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips...

GHSA-F9JG-8P32-2F55 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver-fips...

Amazon Linux 2 : amazon-efs-utils, --advisory ALAS2-2025-3076 (ALAS-2025-3076)

The version of amazon-efs-utils installed on the remote host is prior to 2.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3076 advisory. regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...

Important: amazon-efs-utils

Issue Overview: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane...

Important: amazon-efs-utils

Issue Overview: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane...

SUSE SLES15 / openSUSE 15 Security Update : aws-efs-utils (SUSE-SU-2025:3954-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3954-1 advisory. Update to version 2.3.3 bsc1240044. Security issues fixed: - CVE-2025-55159: slab: incorrect bounds check in...

openSUSE Security Advisory (SUSE-SU-2025:3954-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for aws-efs-utils

This update for aws-efs-utils fixes the following issues: Update to version 2.3.3 bsc1240044. Security issues fixed: CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to potential crash due to out-of-bounds access bsc1248055. CVE-2020-35881: traitobject: log4rs:...

SUSE-SU-2025:3954-1 Security update for aws-efs-utils

This update for aws-efs-utils fixes the following issues: Update to version 2.3.3 bsc1240044. Security issues fixed: - CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to potential crash due to out-of-bounds access bsc1248055. - CVE-2020-35881: traitobject: log4rs:...

EUVD-2018-3299

Malware in sbrugna...

EUVD-2019-11046

Malware in sbrugna...

EUVD-2017-18474

Malware in sbrugna...