Amazon Linux - 2 CVEs (Page 1/1)

About “Amazon Linux”

A curated feed of “Amazon Linux”-related CVEs appears below. We currently track 2 CVEs for this tag (all time). In the last 365 days, 0 were published. Average CVSS is 5.4 (all time), and 0% are rated High/Critical (all time). Top CWEs (all time): CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), CWE-908 - Use of Uninitialized Resource.

In our taxonomy this topic maps to a LOW impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: amazon-linux

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

Cycle	Release	Latest	Premier Support	EOL
2023	2023-03-01	2023.11.20260526.0	2027-06-30	2029-06-30
2	2018-06-26	2.0.20260526.0	2026-06-30	2026-06-30 Soon
2018.03	2018-04-25	2018.03.0.20231218.0	2020-12-31	2023-12-31 Expired
2017.09	2017-11-03	2017.09.1.20180409	2020-12-31	2023-12-31 Expired
2017.03	2017-04-07	2017.03.1.20170812	2020-12-31	2023-12-31 Expired
2016.09	2016-11-16	2016.09.1.20161221	2020-12-31	2023-12-31 Expired
2016.03	2016-03-22	2016.03	2020-12-31	2023-12-31 Expired
2015.09	2015-09-22	2015.09	2020-12-31	2023-12-31 Expired
2015.03	2015-03-24	2015.03	2020-12-31	2023-12-31 Expired
2014.09	2014-09-23	2014.09	2020-12-31	2023-12-31 Expired
2014.03	2014-03-27	2014.03	2020-12-31	2023-12-31 Expired
2013.09	2013-09-30	2013.09	2020-12-31	2023-12-31 Expired
2013.03	2013-03-27	2013.03	2020-12-31	2023-12-31 Expired
2012.09	2012-10-11	2012.09	2020-12-31	2023-12-31 Expired
2012.03	2012-03-28	2012.03	2020-12-31	2023-12-31 Expired
2011.09	2011-09-26	2011.09	2020-12-31	2023-12-31 Expired
2010.11	2010-12-01	2010.11	2020-12-31	2023-12-31 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS · RSS (expired) · ICS

Subscribe CVEs: RSS for “Amazon Linux”

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2024-04-03

Medium

CVE-2023-35812

An issue was discovered in the Amazon Linux packages of OpenSSH 7.4 for Amazon Linux 1 and 2, because of an incomplete fix for CVE-2019-6111 within these specific packages. The fix had only covered c…

CVSS: 5.3 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD

2022-07-19

Medium

CVE-2022-34266

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a…

CVSS: 5.5 CWE: CWE-908 - Use of Uninitialized Resource View on NVD