7 matches found
Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3174 (ALAS-2026-3174)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300064.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3174 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...
Medium: amazon-ecr-credential-helper
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Medium: golist
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
CVE-2025-61731 vulnerabilities
Vulnerabilities for packages: cargobump, metacontroller, knative-serving, crossplane-provider-sql, bank-vaults, tetragon, linkerd2-proxy-init, crossplane-provider-aws-dynamodb, gobuster, paranoia, gatekeeper, mesosphere-vsphere-csi, lvm-driver, http-echo, gcp-compute-persistent-disk-csi-driver,...
CVE-2025-61731 vulnerabilities
Vulnerabilities for packages: generic-device-plugin-fips, docker-credential-gcr-fips, volume-modifier-for-k8s-fips, local-static-provisioner, chisel-fips, cfssl, secrets-store-csi-driver-provider-aws-fips, aws-sigv4-proxy-fips, flux-image-automation-controller, nri-nagios,...
BELL-CVE-2025-61731
Bulletin has no description...
PT-2026-3230
Name of the Vulnerable Software and Affected Versions versions prior to TLS 1.3 Description A flaw exists in the TLS 1.3 handshake process where messages spanning encryption level boundaries can be processed prematurely. This can lead to minor information disclosure if a network-local attacker...