Language:
https://alas.aws.amazon.com//AL2/ALAS2-2025-3114.html
https://alas.aws.amazon.com/faqs.html
https://explore.alas.aws.amazon.com/CVE-2025-13502.html
https://explore.alas.aws.amazon.com/CVE-2025-13947.html
https://explore.alas.aws.amazon.com/CVE-2025-31223.html
https://explore.alas.aws.amazon.com/CVE-2025-31277.html
https://explore.alas.aws.amazon.com/CVE-2025-43392.html
https://explore.alas.aws.amazon.com/CVE-2025-43419.html
https://explore.alas.aws.amazon.com/CVE-2025-43421.html
https://explore.alas.aws.amazon.com/CVE-2025-43425.html
https://explore.alas.aws.amazon.com/CVE-2025-43427.html
https://explore.alas.aws.amazon.com/CVE-2025-43429.html
https://explore.alas.aws.amazon.com/CVE-2025-43430.html
https://explore.alas.aws.amazon.com/CVE-2025-43431.html
https://explore.alas.aws.amazon.com/CVE-2025-43432.html
https://explore.alas.aws.amazon.com/CVE-2025-43433.html
https://explore.alas.aws.amazon.com/CVE-2025-43434.html
https://explore.alas.aws.amazon.com/CVE-2025-43438.html
https://explore.alas.aws.amazon.com/CVE-2025-43440.html
https://explore.alas.aws.amazon.com/CVE-2025-43441.html
https://explore.alas.aws.amazon.com/CVE-2025-43443.html
https://explore.alas.aws.amazon.com/CVE-2025-43458.html
https://explore.alas.aws.amazon.com/CVE-2025-43501.html
https://explore.alas.aws.amazon.com/CVE-2025-43529.html
https://explore.alas.aws.amazon.com/CVE-2025-43531.html
https://explore.alas.aws.amazon.com/CVE-2025-43535.html
https://explore.alas.aws.amazon.com/CVE-2025-43536.html
深刻度: High
ID: 281806
ファイル名: al2_ALAS-2025-3114.nasl
バージョン: 1.3
タイプ: Local
エージェント: unix
公開日: 2026/1/5
更新日: 2026/3/27
サポートされているセンサー: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus
リスクファクター: Critical
スコア: 9.4
パーセンタイル: 99.81
リスクファクター: Critical
基本値: 10
現状値: 8.3
ベクトル: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS スコアのソース: CVE-2025-66287
リスクファクター: High
基本値: 8.8
現状値: 8.2
ベクトル: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
現状ベクトル: CVSS:3.0/E:F/RL:O/RC:C
CPE: cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:webkitgtk4, p-cpe:/a:amazon:linux:webkitgtk4-devel, p-cpe:/a:amazon:linux:webkitgtk4-jsc, p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel
必要な KB アイテム: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
エクスプロイトが利用可能: true
エクスプロイトの容易さ: Exploits are available
パッチ公開日: 2026/1/5
脆弱性公開日: 2025/9/18
CISA の既知の悪用された脆弱性の期限日: 2026/1/5, 2026/4/3
CVE: CVE-2025-13502, CVE-2025-13947, CVE-2025-31223, CVE-2025-31277, CVE-2025-43392, CVE-2025-43419, CVE-2025-43421, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43433, CVE-2025-43434, CVE-2025-43438, CVE-2025-43440, CVE-2025-43441, CVE-2025-43443, CVE-2025-43458, CVE-2025-43501, CVE-2025-43529, CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541, CVE-2025-66287
IAVA: 2025-A-0901