Amazon Linux 2

Amazon Linux 2 — libsoup — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3141
Related CVEs: CVE-2026-0719 CVE-2025-14523 CVE-2025-32049 CVE-2025-4948 CVE-2025-32906 CVE-2025-32907 CVE-2025-32911 CVE-2025-32913  +5 more
Upstream summary: A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used […]

Amazon Linux 2 — libtasn1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3143
Related CVEs: CVE-2025-13151 CVE-2021-46848 CVE-2024-12133
Upstream summary: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow […]

Amazon Linux 2 — python-pip — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3147
Related CVEs: CVE-2026-21441 CVE-2025-66418 CVE-2025-66471 CVE-2025-8869 CVE-2025-50181 CVE-2024-47081 CVE-2001-1267 CVE-2007-4559  +12 more
Upstream summary: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the […]

Amazon Linux 2 — python-pyasn1 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3148
Related CVEs: CVE-2026-23490 CVE-2026-30922
Upstream summary: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from […]

Amazon Linux 2 — python-urllib3 — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3149
Related CVEs: CVE-2026-21441 CVE-2025-66418 CVE-2025-66471 CVE-2025-50181 CVE-2024-37891 CVE-2023-45803 CVE-2021-33503 CVE-2020-26137  +1 more
Upstream summary: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the […]

Amazon Linux 2 — python3-urllib3 — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3131
Related CVEs: CVE-2026-21441 CVE-2024-37891 CVE-2025-66418 CVE-2025-66471 CVE-2025-50181
Upstream summary: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP […]

Amazon Linux 2 — gnupg2 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3125
Related CVEs: CVE-2025-68973 CVE-2018-12020 CVE-2022-34903 CVE-2014-4617
Upstream summary: In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an […]

Amazon Linux 2 — net-snmp — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3124
Related CVEs: CVE-2025-68615 CVE-2020-15862 CVE-2022-44793 CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809  +2 more
Upstream summary: net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, […]

Amazon Linux 2 — sox — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2-2026-3129
Related CVEs: CVE-2022-50798 CVE-2021-23159 CVE-2021-23172 CVE-2021-3643 CVE-2022-31650 CVE-2022-31651 CVE-2023-26590 CVE-2023-32627  +4 more
Upstream summary: SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause […]

Amazon Linux 2 — amazon-ecr-credential-helper — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: Amazon Linux 2
Source: Amazon Linux advisory ALAS2NITRO-ENCLAVES-2025-079
Related CVEs: CVE-2025-61727 CVE-2025-61729 CVE-2025-65637 CVE-2025-47912 CVE-2025-58183 CVE-2025-58185 CVE-2025-58186 CVE-2025-58187  +12 more
Upstream summary: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a […]
