Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Package updates are available for Amazon Linux 2023 that fix the following vulnerabilities: CVE-2025-13837: When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues
CVE-2025-13836: When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.
CVE-2025-12084: When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.
3.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.33.11.14-1.amzn2023.0.3