Amazon Linux 2023

Amazon Linux 2023 — php8.2 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-624
Related CVEs: CVE-2022-31629 CVE-2024-2756 CVE-2024-3096 CVE-2023-3823 CVE-2023-3824 CVE-2025-14177 CVE-2025-14178 CVE-2025-14180 +12 more
Upstream summary: The vulnerability allows a remote attacker to bypass implemented security restrictions. The vulnerability exists due […]

Amazon Linux 2023 — php8.1 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-612
Related CVEs: CVE-2022-31629 CVE-2024-2756 CVE-2024-3096 CVE-2023-3247 CVE-2023-3823 CVE-2023-3824 CVE-2022-31627 CVE-2022-31628 +12 more
Upstream summary: The vulnerability allows a remote attacker to bypass implemented security restrictions. The vulnerability exists due […]

Amazon Linux 2023 — mod_http2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-595
Related CVEs: CVE-2024-27316 CVE-2024-36387
Upstream summary: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client […]

Amazon Linux 2023 — nodejs — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-593
Related CVEs: CVE-2024-27983 CVE-2024-28182 CVE-2024-21892 CVE-2024-22019 CVE-2023-38552 CVE-2023-39333 CVE-2023-45143 CVE-2023-44487 +12 more
Upstream summary: An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount […]

Amazon Linux 2023 — apache-commons-compress — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-560
Related CVEs: CVE-2024-25710 CVE-2021-36090
Upstream summary: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are […]

Amazon Linux 2023 — aws-nitro-enclaves-cli — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-575
Related CVEs: CVE-2022-31394 CVE-2025-3416
Upstream summary: RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 […]

Amazon Linux 2023 — cpio — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-557
Related CVEs: CVE-2015-1197 CVE-2021-38185
Upstream summary: cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in […]

Amazon Linux 2023 — libgit2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-541
Related CVEs: CVE-2024-24575 CVE-2024-24577
Upstream summary: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build […]

Amazon Linux 2023 — perl-Cpanel-JSON-XS — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-556
Related CVEs: CVE-2022-48623 CVE-2025-40929
Upstream summary: The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a […]

Amazon Linux 2023 — GraphicsMagick — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: Amazon Linux 2023 • 📖 ~4 min read
Source: Amazon Linux advisory ALAS2023-2024-532
Related CVEs: CVE-2020-21679 CVE-2022-1270 CVE-2025-27795 CVE-2025-27796 CVE-2025-32460
Upstream summary: Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service […]
