Amazon Linux 2

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2PYTHON3.8-2024-016 Related CVEs: CVE-2001-1267 CVE-2007-4559 CVE-2021-28861 CVE-2024-0397 CVE-2024-0450 CVE-2024-4032 CVE-2024-6232 CVE-2024-6923  +12 more Upstream summary: Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-2941 Related CVEs: CVE-2025-27613 CVE-2025-27614 CVE-2025-46835 CVE-2025-48384 CVE-2025-48385 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350  +12 more Upstream summary: When a user clones an untrusted repository and runs Gitk without additional command arguments, any […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2681 Related CVEs: CVE-2024-36474 CVE-2024-42415 Upstream summary: An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2675 Related CVEs: CVE-2024-39936 Upstream summary: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2659 Related CVEs: CVE-2024-39936 CVE-2025-2756 CVE-2025-3549 CVE-2025-11277 CVE-2025-2750 CVE-2025-2751 CVE-2025-2757 CVE-2025-3158  +12 more Upstream summary: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-2937 Related CVEs: CVE-2025-49809 Upstream summary: mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. (CVE-2025-49809) Table of contents Symptom & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2664 Related CVEs: CVE-2024-39936 Upstream summary: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2025-2945 Related CVEs: CVE-2022-44638 Upstream summary: In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. […]