Amazon Linux 2023 : ecs-init (ALAS2023-2025-1295)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1295 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

CVE-2025-39677 net/sched: Fix backlog accounting in qdisc_dequeue_internal

In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal This issue applies for the following qdiscs: hhf, fq, fqcodel, and fqpie, and occurs in their change handlers when adjusting to the new limit. The problem is the following...

Security update for pdns-recursor (important)

openSUSE Security Update: Security update for pdns-recursor Announcement ID: openSUSE-SU-2025:0251-1 Rating: important References: 1231292 Cross-References: CVE-2024-25590 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...

Malicious code in bk-card-cc-credit-limit-adjustment-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 839ee8572e063e7008de9939f5e66afdb87eb4083735168ee48b739ed54814d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...