Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2026-3350 (ALAS-2026-3350)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.4515.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3350 advisory. When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it...

OPENSUSE-SU-2026:10966-1 amazon-ssm-agent-3.3.4624.0-2.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4624.0-2.1 package on the GA media of openSUSE Tumbleweed...

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2026-1813)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1813 advisory. When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Tenable has extracte...

Important: amazon-ssm-agent

Issue Overview: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Affected Packages: amazon-ssm-agent Issue Correction: Run dnf update amazon-ssm-agent --releasever...

Important: amazon-ssm-agent

Issue Overview: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Affected Packages: amazon-ssm-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

amazon-ssm-agent-3.3.4624.0-1.1 on GA media (moderate)

amazon-ssm-agent-3.3.4624.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10943-1 Rating: moderate Cross-References: CVE-2026-44740 CVSS scores: CVE-2026-44740 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-44740 SUSE : 8.7...

OPENSUSE-SU-2026:10943-1 amazon-ssm-agent-3.3.4624.0-1.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4624.0-1.1 package on the GA media of openSUSE Tumbleweed...

amazon-ssm-agent-3.3.4515.0-1.1 on GA media (moderate)

amazon-ssm-agent-3.3.4515.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10872-1 Rating: moderate Cross-References: CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-39821 SUSE : 9.1...

OPENSUSE-SU-2026:10872-1 amazon-ssm-agent-3.3.4515.0-1.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4515.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10765-1 amazon-ssm-agent-3.3.4268.0-2.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4268.0-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator-fips, flux, vendir-fips, image-factory, fuse-overlayfs-snapshotter, conftest-fips, eksctl, opentofu, opa-fips-envoy, neuvector-scanner, kyverno, flux-helm-controller, net-kourier, k8ssandra-client-fips, flux-operator,...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator-fips, flux, vendir-fips, image-factory, fuse-overlayfs-snapshotter, conftest-fips, eksctl, opentofu, opa-fips-envoy, neuvector-scanner, kyverno, flux-helm-controller, net-kourier, k8ssandra-client-fips, flux-operator,...

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: k6-operator, flux, chaos-mesh-fips, terraform-provider-pagerduty, kubernetes-release-fips, harbor-scanner-trivy-fips, databricks-cli-fips, falco-exporter-fips, argocd-image-updater-fips, aws-s3-controller, opa-fips-envoy, etcd-fips, terraform-provider-azapi-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: github-mcp-server, crossplane-provider-aws-dynamodb-fips, k6-operator, rabbitmq-messaging-topology-operator-fips, flux, chaos-mesh-fips, kubeflow-fips, image-factory, vendir-fips, terraform-provider-pagerduty, nri-mssql-fips, spire-controller-manager-fips,...

OPENSUSE-SU-2026:10486-1 amazon-ssm-agent-3.3.4121.0-1.1 on GA media

These are all security issues fixed in the amazon-ssm-agent-3.3.4121.0-1.1 package on the GA media of openSUSE Tumbleweed...

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Issue Correction: Run dnf update amazon-ssm-agent --releasever 2023.10.20260330 or d...

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this...

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2026-3207 (ALAS-2026-3207)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3883.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3207 advisory. cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected...

openSUSE 16 Security Update : amazon-ssm-agent (openSUSE-SU-2026:20351-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20351-1 advisory. - CVE-2025-47913: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253611. Tenab...

Security update for amazon-ssm-agent (important)

openSUSE security update: security update for amazon-ssm-agent ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20351-1 Rating: important References: bsc1253611 Cross-References: CVE-2025-47913 CVSS scores: CVE-2025-47913 SUSE : 7.5...