🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3111 Related CVEs: CVE-2025-66004 Upstream summary: A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user. (CVE-2025-66004) Table of contents Symptom & Impact Environment & […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3082 Related CVEs: CVE-2025-57812 CVE-2025-64503 CVE-2025-64524 CVE-2024-47176 CVE-2024-47850 Upstream summary: CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3083 Related CVEs: CVE-2025-61911 CVE-2025-61912 CVE-2021-46823 Upstream summary: python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, the sanitization method `ldap.filter.escape_filter_chars` can […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3057 Related CVEs: CVE-2025-6020 CVE-2025-8941 CVE-2024-10041 CVE-2024-22365 Upstream summary: A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3017 Related CVEs: CVE-2021-3624 Upstream summary: There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3007 Related CVEs: CVE-2025-50952 CVE-2024-56826 CVE-2024-56827 CVE-2018-20845 CVE-2018-20847 CVE-2018-5727 CVE-2018-5785 CVE-2018-6616 +11 more Upstream summary: openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-3005 Related CVEs: CVE-2025-40928 Upstream summary: JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-2997 Related CVEs: CVE-2024-10573 Upstream summary: An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2MOCK2-2025-001 Related CVEs: CVE-2023-6395 Upstream summary: The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-2989 Related CVEs: CVE-2025-50422 Upstream summary: An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
