Amazon Linux 2

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3117 Related CVEs: CVE-2025-14087 CVE-2025-13601 CVE-2023-29499 CVE-2023-32611 CVE-2023-32636 CVE-2023-32643 CVE-2023-32665 CVE-2020-35457  +9 more Upstream summary: Buffer underflow on Glib through glib/gvariant via bytestring_parse() or string_parse() leads to OOB Write. (CVE-2025-14087) […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3099 Related CVEs: CVE-2025-55753 CVE-2025-58098 CVE-2025-65082 CVE-2025-66200 CVE-2023-38709 CVE-2024-42516 CVE-2024-43204 CVE-2024-47252  +12 more Upstream summary: An integer overflow in the case of failed ACME certificate renewal leads, after a number […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3102 Related CVEs: CVE-2025-12385 CVE-2024-39936 CVE-2023-37369 CVE-2020-17507 CVE-2023-51714 CVE-2022-25634 CVE-2023-38197 CVE-2023-32762  +10 more Upstream summary: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3101 Related CVEs: CVE-2025-12385 CVE-2024-39936 Upstream summary: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3114 Related CVEs: CVE-2025-13502 CVE-2025-13947 CVE-2025-31223 CVE-2025-31277 CVE-2025-43392 CVE-2025-43419 CVE-2025-43421 CVE-2025-43425  +12 more Upstream summary: A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3078 Related CVEs: CVE-2025-47912 CVE-2025-58183 CVE-2025-58185 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-58189 CVE-2025-61723  +12 more Upstream summary: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3092 Related CVEs: CVE-2025-54514 CVE-2025-62626 CVE-2023-31315 CVE-2017-5715 CVE-2023-20593 Upstream summary: Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3085 Related CVEs: CVE-2025-59088 CVE-2025-59089 Upstream summary: If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-3069 Related CVEs: CVE-2025-47912 CVE-2025-58183 CVE-2025-58185 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-58189 CVE-2025-61723  +12 more Upstream summary: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 […]