Amazon Linux

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1707 Related CVEs: CVE-2025-3010 Upstream summary: A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1701 Related CVEs: CVE-2024-54661 Upstream summary: readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. (CVE-2024-54661) Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1691 Related CVEs: CVE-2025-31160 Upstream summary: atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1610 Related CVEs: CVE-2026-25727 Upstream summary: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1580 Related CVEs: CVE-2026-1764 CVE-2026-1765 CVE-2026-1766 CVE-2026-1767 Upstream summary: A flaw was found in GNOME localsearch MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1462 Related CVEs: CVE-2025-54409 Upstream summary: AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1422 Related CVEs: CVE-2019-13232 CVE-2021-4217 CVE-2022-0529 CVE-2022-0530 Upstream summary: Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2025-1174 Related CVEs: CVE-2023-47466 Upstream summary: TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2025-1150 Related CVEs: CVE-2025-48924 Upstream summary: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023NVIDIA-2025-018 Related CVEs: CVE-2024-53870 CVE-2024-53871 CVE-2024-53875 Upstream summary: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by […]