Amazon Linux 2

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2547 Related CVEs: CVE-2024-32487 CVE-2022-48624 Upstream summary: less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2524 Related CVEs: CVE-2024-27316 CVE-2021-31618 CVE-2020-11993 CVE-2020-9490 CVE-2019-9511 CVE-2019-9516 CVE-2019-9517 CVE-2018-11763  +2 more Upstream summary: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2024-2493 Related CVEs: CVE-2024-25710 CVE-2021-36090 Upstream summary: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2NITRO-ENCLAVES-2024-039 Related CVEs: CVE-2022-31394 CVE-2025-3416 Upstream summary: RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2MATE-DESKTOP1.X-2024-008 Related CVEs: CVE-2023-52138 Upstream summary: Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged […]