CVE-2025-61731

Public on 2026-01-19
Modified on 2026-02-10
Description
cmd/go: bypass of flag sanitization can lead to arbitrary code execution
Severity
Important severity
Important
See what this means
CVSS v3 Base Score
7.0
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Ecs Extra amazon-ecr-credential-helper 2026-02-05 ALAS2ECS-2026-095 Fixed
Amazon Linux 2023 amazon-ecr-credential-helper 2026-02-05 ALAS2023-2026-1370 Fixed
Amazon Linux 2 - Core cni-plugins 2026-02-05 ALAS2-2026-3134 Fixed
Amazon Linux 2023 cni-plugins 2026-02-05 ALAS2023-2026-1373 Fixed
Amazon Linux 2 - Core cri-tools 2026-02-05 ALAS2-2026-3135 Fixed
Amazon Linux 2 - Core golang 2026-02-05 ALAS2-2026-3136 Fixed
Amazon Linux 2023 golang 2026-02-05 ALAS2023-2026-1381 Fixed
Amazon Linux 2 - Core golang-github-cpuguy83-go-md2man 2026-02-05 ALAS2-2026-3137 Fixed
Amazon Linux 2 - Core golist 2026-02-05 ALAS2-2026-3138 Fixed
Amazon Linux 2023 golist 2026-02-05 ALAS2023-2026-1382 Fixed
Amazon Linux 2023 libcap 2026-02-05 ALAS2023-2026-1389 Fixed
Amazon Linux 2 - Core nerdctl 2026-02-05 ALAS2-2026-3146 Fixed
Amazon Linux 2023 nerdctl 2026-02-05 ALAS2023-2026-1401 Fixed
Amazon Linux 2 - Docker Extra runc 2026-02-05 ALAS2DOCKER-2026-096 Fixed
Amazon Linux 2023 runfinch-finch 2026-02-05 ALAS2023-2026-1420 Fixed
Amazon Linux 2023 soci-snapshotter 2026-02-05 ALAS2023-2026-1421 Fixed
Amazon Linux 2 - Core amazon-cloudwatch-agent 2026-02-19 ALAS2-2026-3174 Fixed
Amazon Linux 2 - Docker Extra soci-snapshotter 2026-02-19 ALAS2DOCKER-2026-100 Fixed
Amazon Linux 2 - Aws-nitro-enclaves-cli Extra amazon-ecr-credential-helper 2026-02-19 ALAS2NITRO-ENCLAVES-2026-087 Fixed
Amazon Linux 2023 amazon-cloudwatch-agent 2026-02-18 ALAS2023-2026-1442 Fixed
Amazon Linux 2 - Docker Extra amazon-ecr-credential-helper 2026-02-19 ALAS2DOCKER-2026-098 Fixed
Amazon Linux 2 - Docker Extra runfinch-finch 2026-02-19 ALAS2DOCKER-2026-097 Fixed
Amazon Linux 2 - Aws-nitro-enclaves-cli Extra runc 2026-02-19 ALAS2NITRO-ENCLAVES-2026-089 Fixed
Amazon Linux 2 - Aws-nitro-enclaves-cli Extra runc 2026-02-19 ALAS2NITRO-ENCLAVES-2026-092 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2025-61731 Mitre: CVE-2025-61731